Re: [whatwg/fetch] Deferred fetching feedback (Issue #1715)

>> "If request’s [URL](https://whatpr.org/fetch/1647.html#concept-request-url) is not a [potentially trustworthy url](https://w3c.github.io/webappsec-secure-contexts/#potentially-trustworthy-url)," This is a Mixed Content consideration and should be caught by the network layer, not the API.
> How do I do that synchronously? I basically want to allow only HTTPS+localhost-ish and throw immediately if that's not the case.

I found that HTTPS check is removed from the latest revision. Does it also need to be specified by the network layer? Shouldn't the API immediately throw if provided with an invalid URL?

-- 
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/1715#issuecomment-1772064990
You are receiving this because you are subscribed to this thread.

Message ID: <whatwg/fetch/issues/1715/1772064990@github.com>

Received on Friday, 20 October 2023 04:34:17 UTC