Re: [whatwg/fetch] Integrate CORP and COEP (#1030) from Yutaka Hirano on 2020-06-11 (public-webapps-github@w3.org from June 2020)

From: Yutaka Hirano <notifications@github.com>
Date: Thu, 11 Jun 2020 01:26:13 -0700
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/pull/1030/review/428697092@github.com>

@yutakahirano commented on this pull request.



> + <li><p>If the <a>cross-origin resource policy internal check</a> with <var>origin</var>,
+ <var>embedderPolicy</var>'s value, <var>response</var>, and <var>forNavigation</var> returns
+ <b>allowed</b>, then return <b>allowed</b>.
+
+ <li><p><a>Queue a cross-origin embedder policy CORP violation report</a> with <var>response</var>,
+ <var>settingsObject</var>, and false.
+
+ <li><p>Return <b>blocked</b>.
+</ol>
+
+<p class="note no-backref">Only HTML's navigate algorithm uses this check with
+<var>forNavigation</var> set to true, and it's always for nested navigations. Otherwise,
+<var>response</var> is either the <a for=internal>internal response</a> of an
+<a>opaque filtered response</a> or a <a for=/>response</a> which will be the
+<a for=internal>internal response</a> of an
+<a>opaque filtered response</a>. [[HTML]]

Done.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/1030#discussion_r438623932

Received on Thursday, 11 June 2020 08:26:26 UTC