- From: Anne van Kesteren <notifications@github.com>
- Date: Wed, 29 Nov 2023 05:49:35 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 29 November 2023 13:49:41 UTC
@annevk commented on this pull request. > + <li> + <p>Optionally, run <a>upgrade an HTTP request</a> algorithm on <var>request</var>. + + <p class=note>HTTPS upgrading only applies to requests with <a>HTTP(S) scheme</a>s, but it's done + in <a>main fetch</a> instead of <a>HTTP fetch</a> to ensure that + <a>upgrade a mixed content <var>request</var> to a potentially trustworthy URL, if appropriate</a> + step runs next and applies to the upgraded request. + Thank you! That does appear to be correct and does seem like something we ought to address (and test!). Also reading this again the rationale here is flawed as HTTPS upgrading only applies when the destination is "document" whereas Mixed Content upgrading only applies for media destinations. So that needs fixing as well. -- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/1655#discussion_r1409309857 You are receiving this because you are subscribed to this thread. Message ID: <whatwg/fetch/pull/1655/review/1755315512@github.com>
Received on Wednesday, 29 November 2023 13:49:41 UTC