Bug 213215 - Web Inspector: CORS preflight OPTIONS requests no longer shown in Network tab
Summary: Web Inspector: CORS preflight OPTIONS requests no longer shown in Network tab
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: Web Inspector (show other bugs)
Version: WebKit Nightly Build
Hardware: All All
: P2 Normal
Assignee: Nobody
Keywords: InRadar
Depends on:
Reported: 2020-06-15 14:26 PDT by Michael[tm] Smith
Modified: 2021-07-05 01:39 PDT (History)
10 users (show)

See Also:

web inspector screen shot (282.44 KB, image/png)
2020-06-15 20:52 PDT, Brock Mills
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Michael[tm] Smith 2020-06-15 14:26:40 PDT
See https://stackoverflow.com/questions/60290892/safari-cors-options-preflight-requests-not-showing-in-dev-tools for a user report about Web Inspector no longer displaying CORS preflight OPTIONS requests in the Network tab.
Comment 1 Radar WebKit Bug Importer 2020-06-15 16:23:09 PDT
Comment 2 Brock Mills 2020-06-15 20:52:51 PDT
Created attachment 401974 [details]
web inspector screen shot
Comment 3 Brock Mills 2020-06-15 20:55:03 PDT
This happens using Version 13.1.1 (15609. on Catalina, first time I noticed it was early Jan.

Attached screen shot shows the web inspector network tab with a POST that used CORS OPTIONS pre-flight. This request is not shown in the network tab.
Comment 4 Karen 2020-09-11 10:34:57 PDT
Please re-establish the ability to see preflight CORS OPTION requests for cached images in Safari inspector.

The inability to debug those calls is impacting troubleshooting Safari's current odd CORS error for CACHED resources like images sources that are redirects. (i.e. Canvas Instructure image src redirect to AWS S3, when cached by Safari.)
Since it's https calls, wireshark can't easily get the Safari signatures used on the https CORS OPTIONS menthod.

Example of the issue that cannot be easily debugged:
1. In Safari latest v13, Go to site https://cidilabs.instructure.com/courses/3/pages/upload-slash-embed-image-test
2. Then refresh that page to see the broken image link.

Some unsatisfactory workaround Options because the Safari CORS cache methods can't be debugged:
- Use a private Safari browser when going to a CORS redirect image page. The issue only happens when the image is cached.
- Add a terminating solidus (forward slash) to all image src links that are cached CORS redirect paths. The issue only happens when the redirect path looks like a file not a directory.
- Make the image src URL a DIFFERENT host than the page it's embedded in. The issue only happens if the cached image src redirect URL is the *same* host as the web page.
- Use FireFox or Chrome when  going to a page with a CORS image src redirect. The issue only happens with Safari.

Ref https://stackoverflow.com/questions/63141448/safari-fetch-api-cannot-load-due-to-access-control-checks-after-reload/63850653#63850653
Comment 5 Marcos G. 2021-01-29 13:21:20 PST
This would be really useful for debugging.
Comment 6 Chris F Carroll 2021-05-25 09:01:26 PDT
I don't see Vote option in Bugzilla so: +1
thankyou. Chris
Comment 7 Ryan Bagwell 2021-06-22 06:22:49 PDT
+1 for this. very frustrating devtools doesn't log OPTIONS requests.

This feature has been missing since at least Safari 11