- From: Michael[tm] Smith <notifications@github.com>
- Date: Sun, 10 Nov 2019 21:37:25 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Monday, 11 November 2019 05:37:28 UTC
sideshowbarker approved this pull request. > @@ -2387,13 +2387,12 @@ if the result of calling request <a for=/>header</a> indicates where a <a for=/>fetch</a> originates from. -<p class="note no-backref">The `<a http-header><code>Origin</code></a>` header is a version -of the `<code>Referer</code>` [sic] header that does not reveal a -<a for=url>path</a>. It is used for -all <a lt="HTTP fetch">HTTP fetches</a> whose <i>CORS flag</i> is -set as well as those where <a for=/>request</a>'s -<a for=request>method</a> is neither `<code>GET</code>` nor `<code>HEAD</code>`. Due to -compatibility constraints it is not included in all +<p class="note no-backref">The `<a http-header><code>Origin</code></a>` header is a version of the +`<code>Referer</code>` [sic] header that does not reveal a <a for=url>path</a>. It is used for all +<a lt="HTTP fetch">HTTP fetches</a> whose <a for=/>request</a>'s +<a for=request>response tainting</a> is "<code>cors</code>" as well as those where ```suggestion <a for=request>response tainting</a> is "<code>cors</code>", as well as those where ``` -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/960#pullrequestreview-314702128
Received on Monday, 11 November 2019 05:37:28 UTC