Bug 602482: Update XHR forbidden headers to latest spec. r=sicking a=b:betaN

--HG--
rename : content/base/test/test_bug308484.html => content/base/test/test_xhr_forbidden_headers.html

content/base/src/nsXMLHttpRequest.cpp

@@ -2763,9 +2763,11 @@ nsXMLHttpRequest::SetRequestHeader(const nsACString& header,
   if (!privileged) {
     // Check for dangerous headers
     const char *kInvalidHeaders[] = {
-      "accept-charset", "accept-encoding", "connection", "content-length",
-      "content-transfer-encoding", "date", "expect", "host", "keep-alive",
-      "referer", "te", "trailer", "transfer-encoding", "upgrade", "via"
+      "accept-charset", "accept-encoding", "access-control-request-headers",
+      "access-control-request-method", "connection", "content-length",
+      "cookie", "cookie2", "content-transfer-encoding", "date", "expect",
+      "host", "keep-alive", "origin", "referer", "te", "trailer",
+      "transfer-encoding", "upgrade", "user-agent", "via"
     };
     PRUint32 i;
     for (i = 0; i < NS_ARRAY_LENGTH(kInvalidHeaders); ++i) {

content/base/test/Makefile.in

@@ -78,7 +78,7 @@ _TEST_FILES1 = 	test_bug5141.html \
 		test_bug276037-2.xhtml \
 		test_bug298064.html \
 		bug298064-subframe.html \
-		test_bug308484.html \
+		test_xhr_forbidden_headers.html \
 		test_bug311681.xml \
 		test_bug322317.html \
 		test_bug330925.xhtml \

content/base/test/test_xhr_forbidden_headers.html

@@ -23,18 +23,24 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=308484
 var headers = [
   "aCCept-chaRset",
   "acCePt-eNcoDing",
+  "aCcEsS-cOnTrOl-ReQuEsT-mEtHoD",
+  "aCcEsS-cOnTrOl-ReQuEsT-hEaDeRs",
   "coNnEctIon",
   "coNtEnt-LEngth",
+  "CoOKIe",
+  "cOOkiE2",
   "cOntEnt-tRAnsFer-enCoDiNg",
   "DATE",
   "exPeCt",
   "hOSt",
   "keep-alive",
+  "oRiGiN",
   "reFERer",
   "te",
   "trAiLer",
   "trANsfEr-eNcoDiNg",
   "uPGraDe",
+  "user-AGENT",
   "viA",
   "pRoxy-",
   "sEc-",