- From: vanupam <notifications@github.com>
- Date: Thu, 16 Mar 2017 11:11:21 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <whatwg/fetch/pull/325/review/27417522@github.com>
vanupam commented on this pull request. > +<a for=request>use-referred-token-binding flag</a> +controls whether the user agent will send the +<a for=/>token binding ID</a> +used by the user agent with the referring <a for=request>origin</a>, +in addition to the <a for=/>token binding ID</a> used by the +user agent with the <a for=request>origin</a>, when it transmits the +<a for=/>request</a> to the server. + +<p>A <a for=/>request</a> has an associated +<dfn export for=request id=concept-request-referred-token-binding-origin>referred-token-binding-origin</dfn>, +which is an <a for=request>origin</a>. Unless stated otherwise, it is null. + +<p class="note no-backref"><a for=/>Request</a>'s +<a for=request>referred-token-binding-origin</a> +specifies the <a for=request>origin</a> used to compute the <a for=/>referred token Binding ID</a>, +when its <a for=request>use-referred-token-binding flag</a> is set. Every redirect in a redirect chain is handled independently (the server sending the redirect response only controls disclosure to the server that it is redirecting to) I updated this section as well as a note in the "Http-redirect-fetch" section. Please let me know if I can clarify further. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/325#discussion_r106492564
Received on Thursday, 16 March 2017 18:11:58 UTC