Re: [whatwg/fetch] Add TAO check (#955)

annevk commented on this pull request.



> +<var>response</var>, run these steps:
+
+<ol>
+ <li><p>If <var>request</var>'s <a for=request>timing allow failed flag</a> is set, then return
+ failure.
+
+ <li><p>If <var>request</var>'s <a for=request>response tainting</a> is "<code>basic</code>", then return success.
+
+ <li><p>Let <var>values</var> be the result of
+ <a for="header list">getting, decoding, and splitting</a>
+ `<code>Timing-Allow-Origin</code></a>` from <var>response</var>'s <a for=response>header list</a>.
+
+ <li><p>If <var>values</var> contains `<code>*</code>`, then return success.
+
+ <li><p>Let <var>serializedOrigin</var> be the result of <a>serializing a request origin</a> with
+ <var>request</var>.
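
Review bot: The step that gets `Timing-Allow-Origin` from the response's header list has a stray closing tag: `<code>Timing-Allow-Origin</code></a>` closes an `<a>` that is never opened on that line, while the preceding `<a for="header list">` is already closed after "splitting". Drop the extra `</a>`, or add the opening link if the header name was meant to be a reference. A smaller style point: the "response tainting" step is on one long line while the neighbouring steps are wrapped, so wrap it to match.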

Is there a test for this scenario and browser bugs given that it sounded like this was not yet how browsers behaved?

How are we going to integrate this with the resource timing specification?


Received on Friday, 8 November 2019 13:42:49 UTC