Re: [whatwg/fetch] Safelist request headers starting with `Sec-` (#880)

@annevk 
> I haven't really put a lot of thought into that. This came to mind when I tried to remember what problems we've run into with trying to extend this in the past.

In the current Client Hints PR, the CH headers are added as part of [fetch](https://whatpr.org/fetch/773/939817c...a50febc.html#concept-fetch) steps 1.8.3.

IIUC, since main fetch runs below that, and this is where the safelist test happens, I'd need to move it lower, after the safelist test.

I can definitely do that. And you're right that if all UA-added headers will be added below that check, there's no need to add the current clause. I'll close this PR, and shuffle things around in the CH PR.


@toyoshim 

> Yep, since the user-agents' managed headers are injected later but before making network requests, they won't appear in the header list

Yeah, I'll move my header additions lower, so that they won't require such an exception.

> But, if you need to say something explicitly, can we say that 'if the header name matches the forbidden header names' rather than 'if the header name is Sec-*'?

Good point, but I think we can avoid it altogether now. Thanks!

-- 
https://github.com/whatwg/fetch/pull/880#issuecomment-473986679

Received on Monday, 18 March 2019 16:21:02 UTC