- From: Anne van Kesteren <notifications@github.com>
- Date: Wed, 21 Nov 2018 03:13:21 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 21 November 2018 11:13:42 UTC
annevk commented on this pull request. > + <p><a for=list>For each</a> <var>value</var> of <var>values</var>: + + <ol> + <li><p>Set <var>mimeType</var> to the result of <a lt="parse a MIME type">parsing</a> + <var>value</var>. + + <li><p>If <var>mimeType</var> is failure, then <a for=iteration>continue</a>. + + <li> + <p>If <var>mimeType</var>'s <a for="MIME type">essence</a> is not "<code>*/*</code>" or + <var>essence</var>, then: + + <ol> + <li><p>Set <var>charset</var> to null. + + <li><p>If <var>mimeType</var>'s <a for="MIME type">parameters</a>["<code>charset</code>"] So yeah, if you think that's doable it's certainly worth considering. But what if it's `*/*` or fails to parse, would we then still go to the next? If so, I'm not sure what it would buy us in terms of security. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/831#discussion_r235345878
Received on Wednesday, 21 November 2018 11:13:42 UTC