- From: Anne van Kesteren <notifications@github.com>
- Date: Tue, 31 May 2022 05:09:52 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 31 May 2022 12:10:05 UTC
@annevk commented on this pull request.
> @@ -4656,19 +4941,23 @@ these steps:
<li><p>Set <var>response</var> and <var>actualResponse</var> to the result of running
<a>HTTP-network-or-cache fetch</a> given <var>fetchParams</var>.
- <li>
- <p>If <var>request</var>'s <a for=request>response tainting</a> is "<code>cors</code>" and a
- <a>CORS check</a> for <var>request</var> and <var>response</var> returns failure, then return a
- <a>network error</a>.
+ <li><p>If <var>request</var>'s <a for=request>response tainting</a> is "<code>opaque</code>",
+ <var>response</var>'s <a for=response>status</a> is not a <a>redirect status</a>, and the
+ <a>opaque-response-safelist check</a> given <var>request</var> and <var>response</var> returns
+ false, then return a <a>network error</a>.
Perhaps we should make the redirect status check part of the algorithm?
--
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/1442#pullrequestreview-990331374
You are receiving this because you are subscribed to this thread.
Message ID: <whatwg/fetch/pull/1442/review/990331374@github.com>
Received on Tuesday, 31 May 2022 12:10:05 UTC