Re: [whatwg/fetch] should fetch() allow no-cors cross-origin HEAD request? (#278) from Ben Kelly on 2016-05-04 (public-webapps-github@w3.org from May 2016)

From: Ben Kelly <notifications@github.com>
Date: Wed, 04 May 2016 07:43:31 -0700
To: whatwg/fetch <fetch@noreply.github.com>
Cc:
Message-ID: <whatwg/fetch/issues/278/216886969@github.com>

I think the fetch spec has to handle this case because buggy servers send bodies for HEAD requests.  Gecko implements ignoring the body in this case:

  https://dxr.mozilla.org/mozilla-central/source/netwerk/protocol/http/nsHttpTransaction.cpp#285
  https://dxr.mozilla.org/mozilla-central/source/netwerk/protocol/http/nsHttpTransaction.cpp#1618

So I think fetch spec should do the same.

I'm less sure about Cache.match() now.  Gecko's http cache explicitly does NOT match a HEAD request against a non-HEAD request in the http cache.  If the request is a HEAD, then the http cache'd value must also be a HEAD.  I'm not sure what other implementations do there, though.

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/278#issuecomment-216886969

Received on Wednesday, 4 May 2016 14:43:58 UTC