[whatwg/fetch] Specify how/if response status code & content type are exposed for cross-origin navigations (Issue #1602) from Noam Rosenthal on 2023-02-07 (public-webapps-github@w3.org from February 2023)

From: Noam Rosenthal <notifications@github.com>
Date: Mon, 06 Feb 2023 23:02:53 -0800
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/issues/1602@github.com>

Currently the spec relies on opaque filtered responses to hide response status code and mime type from resource timing.
However, this does not work for iframes because their responses are not opaque & filtered.

In the chromium implementation we hide these information for cross-origin iframes or for iframes with cross-origin redirects.
We should either do that or specify something else and change the implementation.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/1602
You are receiving this because you are subscribed to this thread.

Message ID: <whatwg/fetch/issues/1602@github.com>

Received on Tuesday, 7 February 2023 07:03:05 UTC