- From: Anne van Kesteren <notifications@github.com>
- Date: Wed, 12 Oct 2022 07:45:31 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <whatwg/fetch/pull/1501@github.com>
As per #1450 the intent was never to allow this. The algorithm before #1454 would yield undefined behavior for this input, but after it ended up being allowed. This change makes it clearly disallowed.
<!--
Thank you for contributing to the Fetch Standard! Please describe the change you are making and complete the checklist below if your change is not editorial.
-->
- [ ] At least two implementers are interested (and none opposed):
* …
* …
- [ ] [Tests](https://github.com/web-platform-tests/wpt) are written and can be reviewed and commented upon at:
* …
- [ ] [Implementation bugs](https://github.com/whatwg/meta/blob/main/MAINTAINERS.md#handling-pull-requests) are filed:
* Chrome: …
* Firefox: …
* Safari: …
* Deno (not for CORS changes): …
(See [WHATWG Working Mode: Changes](https://whatwg.org/working-mode#changes) for more details.)
You can view, comment on, or merge this pull request online at:
https://github.com/whatwg/fetch/pull/1501
-- Commit Summary --
* Do not CORS-safelist a Range header without a start
-- File Changes --
M fetch.bs (15)
-- Patch Links --
https://github.com/whatwg/fetch/pull/1501.patch
https://github.com/whatwg/fetch/pull/1501.diff
--
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/1501
You are receiving this because you are subscribed to this thread.
Message ID: <whatwg/fetch/pull/1501@github.com>
Received on Wednesday, 12 October 2022 14:45:43 UTC