Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8203850

java.net.http HTTP client should allow specifying Origin and Referer headers

    Details

    • Subcomponent:
    • Resolved In Build:
      b16

      Backports

        Description

        A DESCRIPTION OF THE PROBLEM :
        Apparenty, those headers are forbidden in HTTP client because XMLHttpRequest API forbids those. (https://developer.mozilla.org/en-US/docs/Glossary/Forbidden_header_name). XMLHttpRequest API forbids those, as allowing them would make Cross-origin resource sharing API insecure. This isn't an issue for Java HTTP client, as it doesn't implement CORS, and due to not being a web browser likely never will. This is useful, as some websites require those headers to work.


          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  michaelm Michael McMahon
                  Reporter:
                  webbuggrp Webbug Group
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  5 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: