Created attachment 304878 [details] Screenshot from WebInspector showing the empty Access-Control-Request-Headers being sent Instead of omitting the "Access-Control-Request-Headers" header, Safari will send an empty value, which causes compatibility problems with CouchDB 1.6.1 and CouchDB 2.0.0. I've filed the exact same bug on Chrome, and they've fixed it as of M57: https://bugs.chromium.org/p/chromium/issues/detail?id=633729 Neither Firefox nor Edge have this bug. I've also filed this as a compat bug on CouchDB, but they haven't fixed it yet: https://issues.apache.org/jira/browse/COUCHDB-3090 STR: 1. Install CouchDB, run it on http://localhost:5984 (e.g. using `brew install couchdb`) 2. Run `npm install -g add-cors-to-couchdb` 3. Run `add-cors-to-couchdb` 4. Open the URL: http://bl.ocks.org/nolanlawson/raw/68f8117655fce45f9172d4f00a4ccaf4/ Expected result: Safari doesn't send the header at all if the value is empty Actual result: Safari sends "Access-Control-Request-Headers: " which breaks CouchDB. I've reproduced in Safari Technology Preview Release 25 (Safari 10.2, WebKit 12604.1.8.1.2) on macOS Sierra (10.12.4 Beta (16E191a)).
https://w3c-test.org/fetch/api/cors/cors-preflight.html should test this in theory per https://github.com/w3c/web-platform-tests/pull/4556 but for some reason Safari times out (and both Chrome and Firefox fail the same tests, so further cleanup might be warranted).
Created attachment 305016 [details] Patch
Comment on attachment 305016 [details] Patch r=me
(In reply to Nolan Lawson from comment #0) > Created attachment 304878 [details] > Screenshot from WebInspector showing the empty > Access-Control-Request-Headers being sent > > Instead of omitting the "Access-Control-Request-Headers" header, Safari will > send an empty value, which causes compatibility problems with CouchDB 1.6.1 > and CouchDB 2.0.0. Thanks for taking the time to file the bug here and for other various browsers. Improving web-platform-tests test coverage is also a great way for those kind of things, should you have some time for it in the future :)
No prob; happy to see this get fixed across all browsers! :) Thanks for the patch.
Submitted web-platform-tests pull request: https://github.com/w3c/web-platform-tests/pull/5192
Comment on attachment 305016 [details] Patch Clearing flags on attachment: 305016 Committed r214254: <http://trac.webkit.org/changeset/214254>
All reviewed patches have been landed. Closing bug.