- From: Yutaka Hirano <notifications@github.com>
- Date: Mon, 15 Jun 2020 21:51:09 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 16 June 2020 04:51:23 UTC
@yutakahirano commented on this pull request. > +<p>To perform a <dfn export>cross-origin resource policy check</dfn>, given an <a for=url>origin</a> +<var>origin</var>, an <a for=/>environment settings object</a> <var>settingsObject</var>, a +<a for=/>response</a> <var>response</var>, and an optional boolean <var>forNavigation</var>, run +these steps: + +<ol> + <li><p>Set <var>forNavigation</var> to false if it is not given. + + <li><p>Let <var>embedderPolicy</var> be <var>settingsObject</var>'s embedder policy. + + <li> + <p>If the <a>cross-origin resource policy internal check</a> with <var>origin</var>, + "<code>unsafe-none</code>", <var>response</var>, and <var>forNavigation</var> returns + <b>blocked</b>, then return <b>blocked</b>. + + <p class="note">This is to queue only Cross-Origin Embedder Policy violation reports. Updated. Is it now clear? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/1030#discussion_r440584510
Received on Tuesday, 16 June 2020 04:51:23 UTC