Re: [whatwg/fetch] "Set internalResponse’s CSP list" never sets it on the non-internal response? (#1002) from Anne van Kesteren on 2020-02-22 (public-webapps-github@w3.org from February 2020)

From: Anne van Kesteren <notifications@github.com>
Date: Sat, 22 Feb 2020 01:40:58 -0800
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/issues/1002/589937858@github.com>

The idea is that fields that are not filtered remain the same. That probably ought to be clarified. It's also not entirely clear to me anymore why we store CSP list on responses though. Is there ever a response without a `Content-Security-Policy` header that still ends up with a CSP list?

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/1002#issuecomment-589937858

Received on Saturday, 22 February 2020 09:41:11 UTC