diff --git a/core/corehttp/hostname.go b/core/corehttp/hostname.go index 6d2955e49c4..2030989e24e 100644 --- a/core/corehttp/hostname.go +++ b/core/corehttp/hostname.go @@ -97,15 +97,6 @@ func HostnameOption() ServeOption { return } if newURL != "" { - // Just to be sure single Origin can't be abused in - // web browsers that ignored the redirect for some - // reason, Clear-Site-Data header clears browsing - // data (cookies, storage etc) associated with - // hostname's root Origin - // Note: we can't use "*" due to bug in Chromium: - // https://bugs.chromium.org/p/chromium/issues/detail?id=898503 - w.Header().Set("Clear-Site-Data", "\"cookies\", \"storage\"") - // Set "Location" header with redirect destination. // It is ignored by curl in default mode, but will // be respected by user agents that follow diff --git a/docs/config.md b/docs/config.md index 7760e98d434..f9d26273f9f 100644 --- a/docs/config.md +++ b/docs/config.md @@ -660,7 +660,6 @@ between content roots. } } ``` - Default: `false` diff --git a/test/sharness/t0114-gateway-subdomains.sh b/test/sharness/t0114-gateway-subdomains.sh index b9af0805e57..0cf4d57ae92 100755 --- a/test/sharness/t0114-gateway-subdomains.sh +++ b/test/sharness/t0114-gateway-subdomains.sh @@ -181,13 +181,6 @@ test_localhost_gateway_response_should_contain \ "http://localhost:$GWAY_PORT/ipfs/$DIR_CID/" \ "Location: http://$DIR_CID.ipfs.localhost:$GWAY_PORT/" -# Responses to the root domain of subdomain gateway hostname should Clear-Site-Data -# https://github.com/ipfs/go-ipfs/issues/6975#issuecomment-597472477 -test_localhost_gateway_response_should_contain \ - "request for localhost/ipfs/{CIDv1} returns Clear-Site-Data header to purge Origin cookies and storage" \ - "http://localhost:$GWAY_PORT/ipfs/$CIDv1" \ - 'Clear-Site-Data: \"cookies\", \"storage\"' - # We return body with HTTP 301 so existing cli scripts that use path-based # gateway do not break (curl doesn't auto-redirect without passing -L; wget # does not span across hostnames by default)