- From: Mike West <notifications@github.com>
- Date: Wed, 09 Mar 2016 05:20:14 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Message-ID: <whatwg/fetch/pull/237/r55515981@github.com>
> @@ -4108,9 +4136,18 @@ <h3 id="request-class"><span class="secno">6.3 </span>Request class</h3> > <code title="">credentials</code> member if it is present, and > <var>fallbackCredentials</var> otherwise. > > - <li><p>If <var>credentials</var> is non-null, set <var>request</var>'s > - <a href="#concept-request-credentials-mode" title="concept-request-credentials-mode">credentials mode</a> to > - <var>credentials</var>. > + <li><p>If <var>credentials</var> is non-null: > + > + <ol> > + <li>If <var>credentials</var> is a > + <a href="https://w3c.github.io/webappsec-credential-management/#interfaces-credential-types-passwordcredential">PasswordCredential</a>, > + set <var>request</var>'s <a href="#concept-request-credentials-mode" title="concept-request-credentials-mode">credentials mode</a> to > + "<code title="">attached-credential</code>", and <var>request</var>'s > + <a href="#concept-request-attached-credential" title="concept-request-attached-credential">attached credential</a> to For clarity: the body extraction would fail if the request and the credential weren't same-registrable domain. That would result in a network error being returned from HTTP-network-or-cache fetch. If y'all would prefer to throw during creation, we could also do that check in https://fetch.spec.whatwg.org/#dom-request, somewhere after step 12. --- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/237/files#r55515981
Received on Wednesday, 9 March 2016 13:20:51 UTC