Re: [whatwg/fetch] Block requests for suspected dangling markup. (#519)

annevk commented on this pull request.



> @@ -2408,6 +2408,10 @@ with a <i>CORS flag</i> and <i>recursive flag</i>, run these steps:
  not <a lt="is local">local</a>, set
  <var>response</var> to a <a>network error</a>.
 
+ <li><p>If |request|'s <a for=request>url</a>'s <a for=url>parser-removed-tab-or-newline flag</a>
+ is set, and |request|'s <a for=request>url</a> <a for=url>path</a> contains a U+003C
+ code point ("<code>&lt;</code>"), then set <var>response</var> to a <a>network error</a>.
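
Review bot: The condition on the url's path in the added step does not say whether U+003C is tested on the parsed URL or on the parser's input, and the two differ where "<" on input ends up as "%3C" after parsing. State which form is checked, for example by having the URL parser record that it saw "<", the same way the parser-removed-tab-or-newline flag records removed characters. The step also tests only the path, so say whether the query is deliberately excluded. Minor: the new step writes |request| while the same sentence and the surrounding context use <var>response</var>; use one notation.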

I would be happy with the flag. I don't see how 2 and 3 can work if you want to distinguish between %3C and < on input.

https://github.com/whatwg/fetch/pull/519#discussion_r108418931

Received on Tuesday, 28 March 2017 13:24:35 UTC