Re: [w3c/manifest] Allow manifest processing to be invoked without going through an HTML document (PR #1069) from Marcos Cáceres on 2023-04-27 (public-webapps-github@w3.org from April 2023)

From: Marcos Cáceres <notifications@github.com>
Date: Wed, 26 Apr 2023 17:16:11 -0700
To: w3c/manifest <manifest@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/manifest/pull/1069/review/1403006033@github.com>

@marcoscaceres commented on this pull request.



> +            <li>there was at least one page which is [=same origin=] as
+            |document URL:URL| that has a [^link^] element
+            |linkElement:HTMLLinkElement| with a [^link/rel^] of
+            [^link/rel/manifest^] and a [^link/href^] that resolves to
+            |manifest URL:URL|, and that
+            </li>
+            <li>if |manifest URL| is not [=same origin=] as |document URL|, the
+            |bodyBytes:byte sequence| data was fetched with a [=CORS Request=]
+            whose <a data-xref-type="http-header">`Origin`</a> is |document
+            URL|'s [=url/origin=], and whose [=Request/credentials mode=] is
+            set to the [=CORS settings attribute credentials mode=] for
+            |linkElement|'s [^link/crossorigin^] attribute.
+            </li>
+          </ul>
+          <p>
+            (The [[HTML]] steps automatically ensure this.)

I wonder if you can can say this directly in the above (something like, "In keeping with [[HTML]] behavior..." or something). It's a bit risky in case it gets moved or whatever, but should be ok... it will also make it more clear what "it" is. 

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3c/manifest/pull/1069#pullrequestreview-1403006033
You are receiving this because you are subscribed to this thread.

Message ID: <w3c/manifest/pull/1069/review/1403006033@github.com>

Received on Thursday, 27 April 2023 00:16:16 UTC