Re: [whatwg/fetch] Integrate with new draft cookie spec (draft-annevk-johannhof-httpbis-cookies/00+ε) (PR #1807)

@annevk commented on this pull request.



>  
    <li>Set <var>lastURL</var> to <var>url</var>.
   </ol>
 
- <li>Return false.
+ <li>Return <var>computedTaint</var>.

```suggestion
 <li><p>Return <var>computedTaint</var>.
```

> @@ -2372,8 +2403,8 @@ source of security bugs. Please seek security review for features that deal with
  "<a for="embedder policy value"><code>credentialless</code></a>", then return true.</p>
 
  <li><p>If <var>request</var>'s <a for=request>origin</a> is <a>same origin</a> with
- <var>request</var>'s <a for=request>current URL</a>'s <a for=url>origin</a> and <var>request</var>
- does not have a <a for=request>redirect-tainted origin</a>, then return true.</p>
+ <var>request</var>'s <a for=request>current URL</a>'s <a for=url>origin</a> and <var>request</var>'s
+ <a for=request>redirect-taint</a> is not "<code>same-origin</code>", then return true.</p>

```suggestion
 <a for=request>redirect-taint</a> is not "<code>same-origin</code>", then return true.
```

-- 
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/1807#pullrequestreview-2767999955
You are receiving this because you are subscribed to this thread.

Message ID: <whatwg/fetch/pull/1807/review/2767999955@github.com>

Received on Tuesday, 15 April 2025 12:10:25 UTC