- From: Anne van Kesteren <notifications@github.com>
- Date: Mon, 22 Feb 2016 03:35:31 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Message-ID: <whatwg/fetch/pull/221/r53613705@github.com>
> @@ -2847,11 +2857,13 @@ <h4 id="should-response-to-request-be-blocked-due-to-nosniff?"><dfn title="shoul > <!-- XXX xref HTTP cache --> > > <li> > - <p>If <var>credentials flag</var> is set and <var>response</var>'s > - <span title=concept-response-header-list>header list</span> contains one or more > - <span title=concept-header>headers</span> <span title=concept-header-name>named</span> > - `<code title>Set-Cookie</code>`, update the cookies. <span data-anolis-ref>COOKIES</span> > - <!-- XXX proper hook? --> > + <p>If <var>credentials flag</var> is set, and the user agent is not configured to block cookies for > + <var>httpRequest</var> (see <a href="https://tools.ietf.org/html/rfc6265#section-7">Section 7</a> of > + <span data-anolis-ref>COOKIES</span>), then execute the "set-cookie-string" algorithm defined in > + <a href="https://tools.ietf.org/html/rfc6265#section-5.2">Section 5.2</a> of > + <span data-anolis-ref>COOKIES</span> on the <span title=concept-header-value>value</span> > + of each <var>header</var> <span title=concept-header-name>named</span> `<code title>Set-Cookie</code>` > + contained in <var>response</var>'s <span title=concept-response-header-list>header list</span>. Perhaps it's better to list there being `Set-Cookie` headers as the requirement and then have "then for each such header, run x on its value" or something like that. Now it's not super clear what happens if there are no such headers. --- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/221/files#r53613705
Received on Monday, 22 February 2016 11:35:58 UTC