Open osher opened 3 hours ago
๐ค since this header is being usually set automatically and is not provided by the user-code,
Alternatively - the page can clarify it lists only headers that can be provided by the user-code, ๐คจ but that will raise questions that will be answered by giving content-length
as an example... ๐
P.S: Although cors is a browser thing, keep a point-of-view that does not take browser as a given. I got to this page from exploring fetch
for a sever code.
MDN URL
https://developer.mozilla.org/en-US/docs/Glossary/CORS-safelisted_request_header
What specific section or headline is this issue about?
CORS-safelisted request header
What information was incorrect, unhelpful, or incomplete?
It does not list the
Content-Length
headerWhat did you expect to see?
Content-Length
to at least be mentionedDo you have any supporting links, references, or citations?
I found this issue that sais that Content-Length was accepted as a safe-cors header: https://github.com/mdn/content/issues/2503
Do you have anything more you want to share?
I know
Content-Length
is set automatically, but it's an essential part of the protocol and it is safe-listed - I believe it should at least be mentioned...