- From: Andrew Williams <notifications@github.com>
- Date: Fri, 25 Oct 2024 14:33:40 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <whatwg/fetch/pull/1783@github.com>
Partition Blob URL fetches by Storage Key This change updates the spec to partition Blob URL fetches by Storage Key. This change is part of broader changes discussed in https://github.com/w3c/FileAPI/issues/153#issuecomment-2330085478. Specifically, we will also: - Partition Blob URL revocation by storage key - https://github.com/w3c/FileAPI/pull/201 - Enforce noopener when a cross-top-level-site Blob URL is window.opened - TODO I considered incorporating the Storage Key checks into the "resolve a blob URL" algorithm instead, but it seemed that this would require an environment settings object to be available as part of https://url.spec.whatwg.org/#url-parsing, and I'm not sure whether that is the case / a change we want. - [x] At least two implementers are interested (and none opposed): * Firefox has already implemented this - https://github.com/w3c/FileAPI/issues/153#issuecomment-2332288047 * Safari has implemented partitioning Blob URL fetches by top-level origin and is considering partitioning them by a site-based Storage Key (Storage Key specifics TBD) - https://github.com/w3c/FileAPI/issues/153#issuecomment-2332086739 - [x] [Tests](https://github.com/web-platform-tests/wpt) are written and can be reviewed and commented upon at: * https://chromium-review.googlesource.com/c/chromium/src/+/5967596 - [ ] [Implementation bugs](https://github.com/whatwg/meta/blob/main/MAINTAINERS.md#handling-pull-requests) are filed: * Chromium: https://crbug.com/40057646 * Gecko: TODO * WebKit: TODO * Deno (not for CORS changes): TODO - [ ] [MDN issue](https://github.com/whatwg/meta/blob/main/MAINTAINERS.md#handling-pull-requests) is filed: TODO - [x] The top of this comment includes a [clear commit message](https://github.com/whatwg/meta/blob/main/COMMITTING.md) to use. <!-- If you created this PR from a single commit, Github copied its message. Otherwise, you need to add a commit message yourself. --> (See [WHATWG Working Mode: Changes](https://whatwg.org/working-mode#changes) for more details.) <!-- This comment and the below content is programmatically generated. You may add a comma-separated list of anchors you'd like a direct link to below (e.g. #idl-serializers, #idl-sequence): Don't remove this comment or modify anything below this line. If you don't want a preview generated for this pull request, just replace the whole of this comment's content by "no preview" and remove what's below. --> *** <a href="https://whatpr.org/fetch/1783.html" title="Last updated on Oct 25, 2024, 9:33 PM UTC (f4f62bf)">Preview</a> | <a href="https://whatpr.org/fetch/1783/1dc1b03...f4f62bf.html" title="Last updated on Oct 25, 2024, 9:33 PM UTC (f4f62bf)">Diff</a> You can view, comment on, or merge this pull request online at: https://github.com/whatwg/fetch/pull/1783 -- Commit Summary -- * Partition Blob URL fetches by Storage Key * Fix formatting per the style guide * Fix build and formatting * Add name to Acknowledgements section -- File Changes -- M fetch.bs (50) -- Patch Links -- https://github.com/whatwg/fetch/pull/1783.patch https://github.com/whatwg/fetch/pull/1783.diff -- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/1783 You are receiving this because you are subscribed to this thread. Message ID: <whatwg/fetch/pull/1783@github.com>
Received on Friday, 25 October 2024 21:33:44 UTC