- From: Anne van Kesteren <notifications@github.com>
- Date: Wed, 06 Jun 2018 01:48:49 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 6 June 2018 08:49:12 UTC
@yutakahirano noticed one more place that relied request's origin becoming an opaque origin: step 5 of main fetch. I incorrectly assumed this wouldn't be a problem due to the CORS flag, but the CORS flag is not set if the initial request was same-origin. I think making the first conditional of step 5 instead read > request's current url's origin is same origin with request's origin, CORS flag is unset, and either request's tainted origin flag is unset or request's mode is not "cors" would fix this. This is somewhat related to #737. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/756
Received on Wednesday, 6 June 2018 08:49:12 UTC