- From: youennf <notifications@github.com>
- Date: Wed, 10 Jan 2018 15:00:34 +0000 (UTC)
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 10 January 2018 17:17:56 UTC
I investigated how much redirect URLS with credentials are interoperable, and here is my current understanding of the landscape here based on https://github.com/w3c/web-platform-tests/pull/8976: - Firefox is following the spec (error if cors mode and load is cross origin) - Safari is stripping any credentials from a redirect URL - Chrome is erroring redirect URLs containing credentials following https://www.chromestatus.com/feature/5669008342777856. (not tested on Edge) 3 browsers, 3 different behaviors, can we try to converge here? I was hoping WebKit could be aligned with the spec. It would be good to know the rationale behind Chrome behavior. Maybe the spec should be updated accordingly. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/660
Received on Wednesday, 10 January 2018 17:17:56 UTC