- From: Luca Casonato <notifications@github.com>
- Date: Tue, 14 Jun 2022 02:56:57 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <whatwg/fetch/pull/1453@github.com>
Following a suggestion from @annevk in #973, this adds `set-cookie` as a
forbidden request header name. The rationale here is to prevent complication of
internal data structures for internal header lists that are attached to
`Request` objects, in light of #1346.
I added a UseCounter to Chromium in January to check that this is a web
compatible change. The analysis uncovered no issues, and as such I consider that
this change is web compatible. See
https://github.com/whatwg/fetch/issues/973#issuecomment-1154958094 for more
elaboration.
- [ ] At least two implementers are interested (and none opposed):
* Deno
* …
- [ ] [Tests](https://github.com/web-platform-tests/wpt) are written and can be reviewed and commented upon at:
* …
- [ ] [Implementation bugs](https://github.com/whatwg/meta/blob/main/MAINTAINERS.md#handling-pull-requests) are filed:
* Chrome: …
* Firefox: …
* Safari: …
* Deno (not for CORS changes): …
(See [WHATWG Working Mode: Changes](https://whatwg.org/working-mode#changes) for more details.)
You can view, comment on, or merge this pull request online at:
https://github.com/whatwg/fetch/pull/1453
-- Commit Summary --
* Add `Set-Cookie` as a forbidden header name
-- File Changes --
M fetch.bs (1)
-- Patch Links --
https://github.com/whatwg/fetch/pull/1453.patch
https://github.com/whatwg/fetch/pull/1453.diff
--
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/1453
You are receiving this because you are subscribed to this thread.
Message ID: <whatwg/fetch/pull/1453@github.com>
Received on Tuesday, 14 June 2022 09:57:09 UTC