- From: Tsuyoshi Horo <notifications@github.com>
- Date: Thu, 03 Dec 2015 03:40:09 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
Received on Thursday, 3 December 2015 11:40:36 UTC
What is the credentials mode for `<img src="test.png">`? According to HTML spec, it seems to be "include". https://html.spec.whatwg.org/multipage/infrastructure.html#fetching-resources But according to this comment in Fetch spec discussion, it seems to be "same-origin". https://github.com/whatwg/fetch/issues/106#issuecomment-128735776 If my understanding is correct, there is no difference between "same-origin" and "include" when the request mode is "no-cors", because the credentials flag is set in HTTP fetch spec 4.3. https://fetch.spec.whatwg.org/#http-fetch > 3\. Let credentials flag be set if one of > - request's credentials mode is "include" > - request's credentials mode is "same-origin" and either the CORS flag is unset or response tainting is "opaque" > is true, and unset otherwise. But I want to know which is correct to write tests with Service Worker's fetch event handler. --- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/168
Received on Thursday, 3 December 2015 11:40:36 UTC