Re: [whatwg/fetch] Define parsing for X-Content-Type-Options in detail (#818) from Gordon P. Hemsley on 2018-10-28 (public-webapps-github@w3.org from October 2018)

From: Gordon P. Hemsley <notifications@github.com>
Date: Sun, 28 Oct 2018 08:15:43 -0700
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/pull/818/review/169096565@github.com>

GPHemsley commented on this pull request.



> @@ -2498,7 +2508,32 @@ response <a for=/>header</a> can be used to require checking of a <a for=/>respo
 `<code>Content-Type</code>` <a for=/>header</a> against the <a for=request>destination</a> of a
 <a for=/>request</a>.
 
-<p>Its <a for=header>value</a> <a>ABNF</a>:
+<p>To <dfn>determine nosniff</dfn>, given a <a for=/>header list</a> <var>list</var>, run these
+steps:
+
+<ol>
+ <li><p>Let <var>value</var> be the result of <a for="header list">getting</a>
+ `<a http-header><code>X-Content-Type-Options</code></a>` from <var>list</var>.
+
+ <li><p>If <var>value</var> is null, then return false.
+
+ <li><p>Let <var>stringValue</var> be the <a>isomorphic decode</a> of <var>value</var>.
+
+ <li>
+  <p>Let <var>tokens</var> be the result of
+  <a lt="split on commas">spliting <var>stringValue</var> on commas</a>.

```suggestion
  <a lt="split on commas">splitting <var>stringValue</var> on commas</a>.
```

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/818#pullrequestreview-169096565

Received on Sunday, 28 October 2018 15:16:05 UTC