- From: Anne van Kesteren <notifications@github.com>
- Date: Tue, 15 Apr 2025 05:10:22 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 15 April 2025 12:10:25 UTC
@annevk commented on this pull request. > <li>Set <var>lastURL</var> to <var>url</var>. </ol> - <li>Return false. + <li>Return <var>computedTaint</var>. ```suggestion <li><p>Return <var>computedTaint</var>. ``` > @@ -2372,8 +2403,8 @@ source of security bugs. Please seek security review for features that deal with "<a for="embedder policy value"><code>credentialless</code></a>", then return true.</p> <li><p>If <var>request</var>'s <a for=request>origin</a> is <a>same origin</a> with - <var>request</var>'s <a for=request>current URL</a>'s <a for=url>origin</a> and <var>request</var> - does not have a <a for=request>redirect-tainted origin</a>, then return true.</p> + <var>request</var>'s <a for=request>current URL</a>'s <a for=url>origin</a> and <var>request</var>'s + <a for=request>redirect-taint</a> is not "<code>same-origin</code>", then return true.</p> ```suggestion <a for=request>redirect-taint</a> is not "<code>same-origin</code>", then return true. ``` -- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/1807#pullrequestreview-2767999955 You are receiving this because you are subscribed to this thread. Message ID: <whatwg/fetch/pull/1807/review/2767999955@github.com>
Received on Tuesday, 15 April 2025 12:10:25 UTC