- From: Mike West <mkwst@google.com>
- Date: Mon, 18 Jan 2016 10:09:06 +0100
- To: HTTP Working Group <ietf-http-wg@w3.org>
Received on Monday, 18 January 2016 09:09:55 UTC
While we have the cookies spec open, I think we should take a closer look at how that specification interacts with others. In particular, two things come to mind: * We should formalize the integration with Fetch (see step 11.1 of https://fetch.spec.whatwg.org/#http-network-or-cache-fetch and 9.3 of https://fetch.spec.whatwg.org/#http-network-fetch). * https://w3c.github.io/webappsec-csp/cookies/ defines a scoping mechanism for `document.cookies` and `Set-Cookie` via a monkey-patch to the RFC. Putting some sort of generic policy hook into the document (either via explicit dependencies, as in that document, or via some sort of registry of delegates) seems valuable. What do you folks think? -mike
Received on Monday, 18 January 2016 09:09:55 UTC