Re: [whatwg/fetch] Script-created redirects responses have no location URL (#1146)

This seems to work in Safari:
```
const response = new Response(null, { status: 302 });
response.headers.set("Location", "https://example.com/");
```

So, yeah, I agree with you that Safari's behavior seems to be just a later resolution.

> If they parse late [...] this would require no changes to the specification (response's URL would be null and passing null into the URL parser for the base URL does the right thing).

Would it? We'd at least need to move the location resolution logic from the end of HTTP fetch to the top of HTTP-redirect fetch, right? (At which point we don't need to store a location URL on the response at all.) Or do you just mean the actual steps wouldn't have the change?

Anyway, that seems reasonable to me. There is a compat risk for Chrome/Firefox in that script-constructed relative redirects would now break, but hopefully that risk is low. And if we're worried, we can start by implementing option (3), to be *almost* spec-compliant, measure the delta to option (4), and then flip that switch.

(I'm not very worried about the delta between Chrome/Firefox's current behavior to option (3). That only matters for really pathological cases if you rewrote one network fetch to another network fetch and somehow expected the relative redirect to still work.)

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/1146#issuecomment-769389419

Received on Thursday, 28 January 2021 21:00:49 UTC