- From: Ehsan Akhgari <notifications@github.com>
- Date: Fri, 08 Mar 2019 10:33:10 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 8 March 2019 18:33:32 UTC
Step 2.6 of Main fetch (https://fetch.spec.whatwg.org/#main-fetch) currently mandates the browser to use the "no-referrer-when-downgrade" referrer policy when nothing else sets the policy. It would be nice to add a step prior to this to allow the engine to run any engine-specific rules that may apply to the `request` which would allow the engine to infer a referrer policy for it. The use case for this would be to specify the current behaviour of shipping engines such as Firefox (since version 59) which has been applying a default policy of `strict-origin-when-cross-origin` to third-party `request`s in private windows, as well as current versions of Safari which I believe do something similar for third-party origins with potential tracking capabilities (per https://webkit.org/blog/8311/intelligent-tracking-prevention-2-0/, CCing @johnwilander who would know more about that.) Firefox is interested to try to ship a similar feature to the Safari feature mentioned here too. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/879
Received on Friday, 8 March 2019 18:33:32 UTC