- From: Patrick Meenan <notifications@github.com>
- Date: Wed, 14 May 2025 07:57:14 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 14 May 2025 14:57:18 UTC
pmeenan left a comment (whatwg/fetch#341) Do we actually know of any situations where uncredentialed connections are used in conjunction with credentialed connections for applications that rely on any of the connection-level credential modes? It feels like that might be an edge-case within an edge-case. If the applications would basically break because the uncredentialed requests get blocked at a connection level (assuming the other end is doing the blocking), would applying the same level of failure at the client work as an alternative? i.e. if you use connection-level credentialed authentication then all requests for the given origin need to use the same authentication mode or they start to fail when they are mixed (either by requiring auth after the fact or by using uncredentialed requests on an otherwise-credentialed origin). I'm wondering if that would still allow the edge-cases where the credentials are used today to continue working the way they do and unbind the connection-level credential logic from the per-request credential logic. -- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/341#issuecomment-2880561942 You are receiving this because you are subscribed to this thread. Message ID: <whatwg/fetch/issues/341/2880561942@github.com>
Received on Wednesday, 14 May 2025 14:57:18 UTC