- From: Marijn Kruisselbrink <notifications@github.com>
- Date: Wed, 29 Jun 2016 10:54:50 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc:
- Message-ID: <whatwg/fetch/pull/329/c229435889@github.com>
> This lacks a same-origin check that I think we want. The fetch needs to actually be foreign. I'm not sure if you're handling that on the other side, but I think it would make more sense here. Happy to discuss of course. Yeah, that check does exist on the service worker spec side as well, but I agree that it makes sense to have the check here as well. I also added the "is this a subresource" check here, to make it clearer which requests actually can be intercepted by foreign fetch. > A lot of this text is copy-and-pasted from the previous major step. If the requirements are actually identical, we should do the work to make that clear without duplication. I haven't quite figured out yet whether the "network error" requirements need to be the same, but CSP definitely makes sense. Duplication is indeed unfortunate. Maybe one way to deal with this would be to move all the shared substeps to a separate step, so it roughly would be something like: 1. If [....] invoke handle fetch. 2. If response is null and [...], invoke handle foreign fetch. 3. If response is not null: 1. Set actualResponse 2. Do the network error stuff 3. Do the CSP stuff --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/329#issuecomment-229435889
Received on Wednesday, 29 June 2016 17:55:22 UTC