Re: [whatwg/fetch] Specify the behavior of `COEP: credentialless`, (#1229)

@ArthurSonzogni commented on this pull request.



> @@ -3507,9 +3531,23 @@ Cross-Origin-Resource-Policy     = %s"same-origin" / %s"same-site" / %s"cross-or
  <li><p>If <var>policy</var> is neither `<code>same-origin</code>`, `<code>same-site</code>`, nor
  `<code>cross-origin</code>`, then set <var>policy</var> to null.
 
- <li><p>If <var>policy</var> is null and <var>embedderPolicyValue</var> is
- "<code><a for="embedder policy value">require-corp</a></code>", then set <var>policy</var> to
- `<code>same-origin</code>`.
+ <li>
+  <p>If <var>policy</var> is null, switch on <var>embedderPolicyValue</var>:</p>
+  <dl class=switch>
+   <dt>`<a for="embedder policy value">unsafe-none</a>`
+   <dd> Do nothing.
+
+   <dt>`<a for="embedder policy value">credentialless</a>`
+   <dd> Set <var>policy</var> to `<code>same-origin</code>` if one of the following is true:

Done in https://github.com/whatwg/fetch/pull/1229/commits/89aaca1fdd377c5b10133cceb56a100ca618fd27

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/1229#discussion_r713856319

Received on Wednesday, 22 September 2021 11:44:01 UTC