Re: [whatwg/fetch] CORB: nosniff handling (#686)

> I think it'll be slightly better to create a new response and copy the fields you want preserved (only status? need to double check it's okay for internal response's url list to remain empty, I suspect so) so things like trailer will be cleared and any new additions to responses would not end up being exposed.

Good point - done.

I wasn't quite sure which response fields should be preserved:
- type needs to be preserved (e.g. a response should remain opaque after CORB)
- I think that url and url list should be preserved (in case some url decisions need to be made later)
- I believe that we want to preserve "status" to minimize observable impact of CORB.  And if we preserve "status" then we probably also should preserve "status message"
- I am not sure about "HTTPS state", "CSP list" and "location URL" - maybe these should be preserved?
- There is no point in preserving "CORS-exposed header-name list" because we remove all the headers.

Also - I wasn't sure how best to describe the injection of a new response (and the preserving/copying of a few, explicitly selected fields).  What I have probably works, but feels a bit verbose and clumsy (not sure if introducing all the new variable names is really needed).

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/686#issuecomment-384344794

Received on Wednesday, 25 April 2018 16:14:51 UTC
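As an added illustration of the distinction discussed in this thread (example code, not from the PR, the Fetch spec, or the commenter), the JavaScript below models the two ways of producing a CORB-blocked response using a plain object as a stand-in for Fetch's internal response: clearing the fields we know about in place, versus starting from a new response and copying only an allowlist of fields. The field names and defaults follow the Fetch response concept; the set of preserved fields is an assumption taken from the tentative list in the comment above (the undecided "HTTPS state", "CSP list" and "location URL" are left out of the model), and the `trailer` member of the constructed sample stands in for any field the clearing code was not written to know about.

```javascript
// Fields assumed to survive a CORB block, following the comment's tentative
// list. This is an assumption for the model, not the PR's final wording.
const PRESERVED_FIELDS = ["type", "url", "urlList", "status", "statusMessage"];

// A fresh response with the Fetch spec's default values for each field.
function newResponse() {
  return {
    type: "default",
    url: null,
    urlList: [],
    status: 200,
    statusMessage: "",
    headerList: [],
    body: null,
    corsExposedHeaderNameList: [],
  };
}

// Allowlist approach: create a new response and copy only the chosen fields.
// Anything not listed, including fields added to responses later, never
// reaches the filtered response.
function corbFilterByCopy(response) {
  const filtered = newResponse();
  for (const field of PRESERVED_FIELDS) {
    const value = response[field];
    // Copy list-valued fields by value so the original is not aliased.
    filtered[field] = Array.isArray(value) ? [...value] : value;
  }
  return filtered;
}

// Blocklist approach: keep the response and clear the fields we know carry
// cross-site data. Any field not named here is exposed unchanged.
function corbFilterByClearing(response) {
  const filtered = { ...response };
  filtered.headerList = [];
  filtered.body = null;
  filtered.corsExposedHeaderNameList = [];
  return filtered;
}

// Constructed sample of a cross-origin, nosniff JSON response that CORB
// would block. The `trailer` member is a field the clearing code does not
// know about.
function sampleBlockedResponse() {
  return {
    type: "opaque",
    url: "https://example.test/data.json",
    urlList: ["https://example.test/data.json"],
    status: 200,
    statusMessage: "OK",
    headerList: [
      ["content-type", "application/json"],
      ["x-content-type-options", "nosniff"],
    ],
    body: '{"secret":"cross-site data"}',
    corsExposedHeaderNameList: ["content-type"],
    trailer: [["server-timing", "db;dur=53"]],
  };
}

// Names of fields on a filtered response that still hold a non-default value.
function exposedFields(filtered) {
  const defaults = newResponse();
  return Object.keys(filtered).filter(
    (k) => JSON.stringify(filtered[k]) !== JSON.stringify(defaults[k])
  );
}

const blocked = sampleBlockedResponse();
console.log("copy   :", exposedFields(corbFilterByCopy(blocked)));
console.log("clear  :", exposedFields(corbFilterByClearing(blocked)));
```

Running the block prints the allowlist result as only the preserved fields (type, url, urlList, statusMessage) while the clearing result also lists `trailer`, which is the observable difference the quoted comment is concerned about.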