Re: [fetch] Update Fetch with shiny, new CSP hooks (#140) from Mike West on 2015-10-14 (public-webapps-github@w3.org from October 2015)

From: Mike West <notifications@github.com>
Date: Wed, 14 Oct 2015 00:22:53 -0700
To: whatwg/fetch <fetch@noreply.github.com>
Message-ID: <whatwg/fetch/pull/140/r41961973@github.com>

> @@ -2087,6 +2094,11 @@ <h4 id="should-response-to-request-be-blocked-due-to-nosniff?"><dfn title="shoul
>       "<code title>manual</code>" and <var title>response</var>'s
>       <span title=concept-response-type>type</span> is "<code title>opaqueredirect</code>".
>      </ul>
> +
> +   <li>
> +     <p>Execute <a href=https://w3c.github.io/webappsec-csp/set-response-policy-list>Set
> +     <var title>response</var>'s policy list</a> on <var title>response</var>.
> +     <span data-anolis-ref>CSP</span>

I've taken a stab at this in the current Fetch patch, and poked at the CSP side in https://github.com/w3c/webappsec-csp/commit/0545ae08d6c74788f006e07b2b991bbf925c9691. WDYT?

---
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/140/files#r41961973

Received on Wednesday, 14 October 2015 07:23:29 UTC