- From: vanupam <notifications@github.com>
- Date: Mon, 06 Feb 2017 19:20:40 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <whatwg/fetch/pull/325/review/20423003@github.com>
vanupam commented on this pull request.
> @@ -3210,6 +3323,73 @@ <h4 id="should-response-to-request-be-blocked-due-to-nosniff?"><dfn title="shoul
<li>If <var>cookies</var> is not the empty string, append
`<code title=http-cookies>Cookie</code>`/<var>cookies</var> to <var>httpRequest</var>'s
<span title=concept-request-header-list>header list</span>.
+
+ <li><p>If the user agent supports <span title=concept-token-binding>Token Binding</span>,
+ build a <code title="">Sec-Token-Binding</code> <span title=concept-header>header</span>
+ by running these substeps:
+ <p class="note no-backref">A <code title="">Sec-Token-Binding</code>
+ <span title=concept-header>header</span> allows a server
+ to bind cookies that it issues to a <span title=concept-token-binding-id>Token Binding Id</span>,
+ and to verify that cookies presented by the user agent are bound to the correct
+ <span title=concept-token-binding-id>Token Binding Id</span>.
+
+ <ol>
+ <li><p>Set the <var>httpRequest</var>'s
+ <span title=concept-request-use-token-binding>use-token-binding flag</span>.
+ <li><p>Initialize <var>tokenBindingMessage</var> to null.
I will revisit this, if it is still needed after the refactor.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/325
Received on Tuesday, 7 February 2017 03:21:13 UTC