Update net::HttpUtil::IsSafeHeader() with two new headers

Update net::HttpUtil::IsSafeHeader() with two new headers

Looks like W3C added Access-Control-Request-Headers and Access-Control-Request-Method to the list of unsafe headers.
http://www.w3.org/TR/XMLHttpRequest/#the-setrequestheader-method

BUG=126264
Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=136923

[benjhayden, 2012-05-04 14:37:40]

PTAL

[cbentzel, 2012-05-04 15:33:55]

Is there a bug associated with this?

[benjhayden, 2012-05-04 15:41:26]

On 2012/05/04 15:33:55, cbentzel wrote:
> Is there a bug associated with this?

Nope, I was working on http://codereview.chromium.org/10260018/ and noticed that
IsSafeHeader() no longer matched the spec.

[cbentzel, 2012-05-04 17:20:42]

Can you add a bug? May help to get abarth to take a look just to make sure
we want to do this. The mechanics of the code look fine.

On Fri, May 4, 2012 at 11:41 AM, <[email protected]> wrote:

> On 2012/05/04 15:33:55, cbentzel wrote:
>
>> Is there a bug associated with this?
>>
>
> Nope, I was working on
http://codereview.chromium.**org/10260018/<http://codereview.chromium.org/102...
noticed that
> IsSafeHeader() no longer matched the spec.
>
>
http://codereview.chromium.**org/10365012/<http://codereview.chromium.org/103...
>

[benjhayden, 2012-05-04 17:30:47]

On 2012/05/04 17:20:42, cbentzel wrote:
> Can you add a bug? May help to get abarth to take a look just to make sure
> we want to do this. The mechanics of the code look fine.

http://code.google.com/p/chromium/issues/detail?id=126264

> 
> On Fri, May 4, 2012 at 11:41 AM, <mailto:[email protected]> wrote:
> 
> > On 2012/05/04 15:33:55, cbentzel wrote:
> >
> >> Is there a bug associated with this?
> >>
> >
> > Nope, I was working on
>
http://codereview.chromium.**org/10260018/%3Chttp://codereview.chromium.org/1...
> noticed that
> > IsSafeHeader() no longer matched the spec.
> >
> >
>
http://codereview.chromium.**org/10365012/%3Chttp://codereview.chromium.org/1...>
> >

[benjhayden, 2012-05-09 21:55:14]

Ping?

[cbentzel, 2012-05-10 00:10:56]

Did abarth chime in?

On Wed, May 9, 2012 at 2:55 PM, <[email protected]> wrote:

> Ping?
>
>
http://codereview.chromium.**org/10365012/<http://codereview.chromium.org/103...
>

[benjhayden, 2012-05-10 00:16:12]

Adam, PTAL?

[abarth-chromium, 2012-05-10 04:23:24]

Seems fine.  It's kind of lame that we have this list both in WebKit and here,
but I don't see a way around that without introducing a dependency on WebKit,
which we obviously don't want.

[cbentzel, 2012-05-11 20:08:02]

LGTM

On Wed, May 9, 2012 at 9:23 PM, <[email protected]> wrote:

> Seems fine.  It's kind of lame that we have this list both in WebKit and
> here,
> but I don't see a way around that without introducing a dependency on
> WebKit,
> which we obviously don't want.
>
>
http://codereview.chromium.**org/10365012/<http://codereview.chromium.org/103...
>

[benjhayden, 2012-05-14 15:46:01]

merge

[commit-bot: I haz the power, 2012-05-14 16:52:21]

CQ is trying da patch. Follow status at
https://chromium-status.appspot.com/cq/[email protected]/10365012/6003

[commit-bot: I haz the power, 2012-05-14 18:43:10]

Change committed as 136923