- From: Anne van Kesteren <notifications@github.com>
- Date: Tue, 30 Aug 2016 01:23:27 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Message-ID: <whatwg/fetch/pull/325/r76749970@github.com>
> @@ -3049,6 +3084,39 @@ <h4 id="should-response-to-request-be-blocked-due-to-nosniff?"><dfn title="shoul > to `<code title>GET</code>` and <var>request</var>'s <span title=concept-request-body>body</span> > to null. > > + <li><p>Let <var>useReferredTokenBinding</var> be the result of > + <span title=concept-header-parse>parsing</span> > + `<code title>Include-Referred-Token-Binding-ID</code>` in <var>actualResponse</var>'s > + <span title=concept-response-header-list>header list</span>. > + The value of this <span title=concept-header>header</span> is specified in > + <a href="https://tools.ietf.org/id/draft-ietf-tokbind-https-05.xml#rfc.section.3.3">section 3.3</a> > + of the Token Binding over HTTP spec. > + <p class="note no-backref">By setting the <code title>Include-Referred-Token-Binding-ID</code> > + <span title=concept-header>header</span> to <var>true</var>, > + the <span title=concept-request-origin>origin</span> that sends the > + redirect <span title=concept-response>response</span> tells the user agent to disclose the > + <span title=concept-token-binding-id>Token Binding Id</span> used by the user agent with that > + <span title=concept-request-origin>origin</span> to the target > + <span title=concept-request-origin>origin</span>. I doubt you meant to use concept-request-origin twice here. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/325/files/134b9885c84ccdb9656767e4b369adf010363795#r76749970
Received on Tuesday, 30 August 2016 08:24:33 UTC