Re: [resource-timing-tests] Add TAO tests for Resource Timing (#5117) from Ilya Grigorik on 2017-04-12 (public-web-platform-tests-notifications@w3.org from April 2017)

From: Ilya Grigorik <web-platform-tests-notifications@w3.org>
Date: Wed, 12 Apr 2017 21:35:39 GMT
To: public-web-platform-tests-notifications@w3.org
Message-Id: <<web-platform-tests_issue_5117_1492032939267@w3.org>>

Moving my comment from https://github.com/w3c/web-platform-tests/pull/5117/commits/5b0019f60cd5ffa97f01ecf01007434a0e5ca4a0#diff-98eb6d36ba051e3e570aaa6a0f639e7eR51 into main thread..

The expected behavior, at least per HTTP spec should be: timing allow check algorithm will pass when the HTTP response has multiple Timing-Allow-Origin header fields, and one of those values passes the origin check.

Concretely, these two cases should be identical:

```
Timing-Allow-Origin: foo.com
Timing-Allow-Origin: bar.com
-- same as --
Timing-Allow-Origin: foo.com, bar.com
```

If current implementations fail this, then thats an implementation bug.

View on GitHub: https://github.com/w3c/web-platform-tests/pull/5117#issuecomment-293714710

Received on Wednesday, 12 April 2017 21:37:52 UTC