Beacon with non-CORS-safelisted Content-Type

Beacon with non-CORS-safelisted Content-Type (deprecated)

sendBeacon() has been available as described in https://www.chromestatus.com/feature/5517433905348608. A part of sendBeacon()'s functionalities has been temporarily disabled later due to a security issue. The change is that, from M60, sendBeacon() will throw when called with a Blob whose type is not a CORS-safelisted value for the Content-Type request header as the data argument. This entry is used for tracking progress on resolving the issue and re-enabling the functionality.

Specification

Editor's draft

Status in Chromium

Blink components: Blink>Network

Deprecated (launch bug) in:

Chrome for desktop release 54
Chrome for Android release 54
Chrome for iOS release 54
Android WebView release 54
Opera release 41
Opera for Android release 41

Consensus & Standardization

Firefox: No public signals
Edge: No public signals
Safari: No public signals
Web Developers: No signals

Owner

tyoshino@chromium.org

Last updated on 2017-06-14