Re: [whatwg/fetch] More CORB-protected MIME types - adding protected types one-by-one. (#860) from Lukasz Anforowicz on 2019-01-23 (public-webapps-github@w3.org from January 2019)

From: Lukasz Anforowicz <notifications@github.com>
Date: Wed, 23 Jan 2019 19:47:43 +0000 (UTC)
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/issues/860/456940921@github.com>

> I do think it would be nice if we could switch the error handling as per #727. Currently CORB sticks out a bit and I don't think it's needed, even though the change would be somewhat observable.

Hmmm... maybe this could be approach by changing how Fetch spec describes handling of "Cross-Origin-Resource-Policy" header (i.e. CORP not CORB).  CORP already results in errors.  And we could add new steps between steps 2 and 3 (after checking that this is a cross-origin, no-cors request) saying:
- Extract "Content-Type"
- If "Content-Type" is "PDF" (or X, Y, Z), then return "blocked".

WDYT?

cc @johnwilander @youennf 

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/860#issuecomment-456940921

Received on Wednesday, 23 January 2019 19:48:07 UTC