- From: Yutaka Hirano <notifications@github.com>
- Date: Wed, 02 Jun 2021 08:19:35 -0700
- To: w3c/ServiceWorker <ServiceWorker@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 2 June 2021 15:20:31 UTC
> - unsafe-none > - credentialless > Set policy to same-origin if one of the following is true: > - response’s request-include-credentials is true and response’s type is opaque (*). > - forNavigation is true. We don't need the latter half of (*) because it's already checked at the callers. > If response’s type is "opaque" and cross-origin resource policy check with promise’s relevant settings object's origin, promise’s relevant settings object, "", and response’s internal response returns blocked, then reject promise with a TypeError and abort these steps. > https://w3c.github.io/ServiceWorker/#cache-matchall > If either request’s response tainting or response’s type is "opaque", and the cross-origin resource policy check with request’s origin, request’s client, request’s destination, and actualResponse returns blocked, then return a network error. > https://fetch.spec.whatwg.org/#concept-http-fetch -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/ServiceWorker/issues/1592#issuecomment-853117525
Received on Wednesday, 2 June 2021 15:20:31 UTC