- From: npm1 <notifications@github.com>
- Date: Thu, 24 Oct 2019 12:32:00 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 24 October 2019 19:32:02 UTC
In step 10 of https://fetch.spec.whatwg.org/#concept-http-redirect-fetch it says `If actualResponse’s location URL’s origin is not same origin with request’s current URL’s origin and request’s origin is not same origin with request’s current URL’s origin, then set request’s tainted origin flag.` I thought that the tainted origin flag is meant to capture whether there are cross origin redirects, is that true? If it is, why is the second check needed? Thanks in advance! -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/953
Received on Thursday, 24 October 2019 19:32:02 UTC