- From: bulk88 <notifications@github.com>
- Date: Mon, 05 Feb 2024 13:17:21 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Monday, 5 February 2024 21:17:27 UTC
@bulk88 commented on this pull request. > +<div algorithm> +<p>To <dfn>upgrade an HTTP request</dfn> given a <a for=/>request</a> <var>request</var>: + +<ol> + <li> + <p>If any of the following are true: + + <ul> + <li><p><var>request</var>'s <a for="request">destination</a> is not "<code>document</code>"; + + <li><p><var>request</var>'s <a for="request">method</a> is not "<code>GET</code>"; + + <li><p><var>request</var>'s <a for="request">URL</a>'s <a for="url">scheme</a> is not + "<code>http</code>"; or + + <li><p><var>request</var>'s <a for="request">URL</a>'s <a for="url">origin</a> is exempted from So why isn't the HTTPS Upgrade opt-out mechanism defined in this spec or uselessly vauge? What if a site serves 2 different views or groups of assets, for clear vs TLS? -- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/1655#pullrequestreview-1763695801 You are receiving this because you are subscribed to this thread. Message ID: <whatwg/fetch/pull/1655/review/1763695801@github.com>
Received on Monday, 5 February 2024 21:17:27 UTC