- From: bvandersloot-mozilla <notifications@github.com>
- Date: Mon, 19 May 2025 05:19:35 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Monday, 19 May 2025 12:19:39 UTC
@bvandersloot-mozilla commented on this pull request. > +</div> + +<div algorithm> +<p>To <dfn id=parse-and-store-response-cookie-headers>parse and store response +`<code>Set-Cookie</code>` headers</dfn>, given a <a for=/>request</a> <var>request</var> and a +<a for=/>response</a> <var>response</var>, run these steps: + +<ol> + <li><p>If the user agent is configured to disable cookies for <var>request</var>, + then it should return. + + <li><p>Let |allowNonHostOnlyCookieForPublicSuffix| be false. + + <li><p>Let |isSecure| be false. + + <li><p>If <var>request</var>'s <a for=request>client</a> is a <a>secure context</a>, set I think it was initially the request URL's scheme in the draft I picked up. I got eager to move to `secure context` as a better concept, but see now why it wasn't :) Reverting. -- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/1807#discussion_r2095582311 You are receiving this because you are subscribed to this thread. Message ID: <whatwg/fetch/pull/1807/review/2850560154@github.com>
Received on Monday, 19 May 2025 12:19:39 UTC