Beacon with non-CORS-safelisted Content-Type

Beacon with non-CORS-safelisted Content-Type (deprecated)

sendBeacon() has been available as described in https://www.chromestatus.com/feature/5517433905348608. A part of sendBeacon()'s functionalities has been temporarily disabled later due to a security issue. The change is that, from M60, sendBeacon() will throw when called with a Blob whose type is not a CORS-safelisted value for the Content-Type request header as the data argument. This entry is used for tracking progress on resolving the issue and re-enabling the functionality.

Documentation

https://developer.mozilla.org/en-US/docs/Web/API/Navigator/sendBeacon

Specification

Editor's draft

Status in Chromium

Blink components: Blink>Network

Deprecated (tracking bug) in:

Chrome for desktop release 54
Chrome for Android release 54
Android WebView release 54

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

Firefox: No public signals
Edge: No public signals
Safari: No public signals
Web Developers: No signals

Owner

tyoshino@chromium.org

Last updated on 2020-01-15