Bug 233854 - <link rel=preload> reuses response regardless of CORS attributes
Summary: <link rel=preload> reuses response regardless of CORS attributes
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: Page Loading (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Nobody
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2021-12-04 02:36 PST by Noam Rosenthal
Modified: 2021-12-11 02:37 PST (History)
5 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Noam Rosenthal 2021-12-04 02:36:29 PST 
See new failing WPT: https://wpt.fyi/results/preload/preload-resource-match.https.html
and relevant spec: https://html.spec.whatwg.org/#consume-a-preloaded-resource

Preloaded responses should be reused/discarded based on their "as" and CORS-related attributes.
From the test, it seems like in WebKit, some resources are reused regardless of mismatching CORS attributes, and some are ignored even though all their attributes match.

This bug report is submitted as part of an effort to make the preload future more interoperable across browsers.
Comment 1 Radar WebKit Bug Importer 2021-12-11 02:37:20 PST 
<rdar://problem/86357143>