Re: [whatwg/fetch] Integrate with new draft cookie spec (draft-annevk-johannhof-httpbis-cookies/00+ε) (PR #1807)

@annevk commented on this pull request.



> @@ -1938,6 +1957,10 @@ not always relevant and might require different behavior.
 "<code>client</code>" or an <a for=/>origin</a>. Unless stated otherwise it is
 "<code>client</code>".
 
+<p>A <a for=/>request</a> has an associated
+<dfn export for=request id=concept-request-navigation-initiator-origin>top-level navigation initiator origin</dfn>,

Leave out the ID please. For new `<dfn>`s we generally let Bikeshed generate the ID.

> @@ -2226,31 +2249,39 @@ or "<code>object</code>".
 <hr>
 
 <div algorithm>
-<p>A <a for=/>request</a> <var>request</var> has a
-<dfn for=request id=concept-request-tainted-origin>redirect-tainted origin</dfn> if these steps
-return true:
+<p>To compute the <dfn for=request id=concept-request-redirect-taint>redirect-taint</dfn> of a

```suggestion
<p>To compute the <dfn for=request id=concept-request-tainted-origin>redirect-taint</dfn> of a
```
Here we want to preserve the original ID so people can learn it got refactored.

> +<p>The `<code>Cookie</code>` header is largely defined in its own specification. [[COOKIES]].
+We define infrastructure to be able to use them conveniently here.

```suggestion
<p>The `<code>Cookie</code>` header is largely defined in its own specification. We define
additional infrastructure to be able to use them conveniently here. [[COOKIES]]
```

> @@ -4227,6 +4259,135 @@ prefetch, or to treat it differently when counting page visits.
 
 
 
+<h2 id=cookies>Cookies</h2>
+
+<h3 id=cookie-header>`<code>Cookie</code>` header</h3>
+
+<p>The `<code>Cookie</code>` header is largely defined in its own specification. [[COOKIES]].
+We define infrastructure to be able to use them conveniently here.
+
+<div algorithm>
+<p>To <dfn id=append-a-request-cookie-header>append a request `<code>Cookie</code>` header</dfn>,

No ID needed.

> +  <a for=request>current URL</a>'s <a for=url>path</a>, |httpOnlyAllowed|, and |sameSite|.
+
+  <p class=note>The cookie store returns an ordered list of cookies
+
+ <li><p>If |cookies| <a for="list">is empty</a>, then return.
+
+ <li><p>Let |value| be the result of running <a>serialize cookies</a> given |cookies|.
+
+ <li><p><a for="header list">Append</a> (`<code>Cookie</code>`, <var>value</var>) to
+ <var>request</var>'s <a for=request>header list</a>.
+</ol>
+</div>
+
+<div algorithm>
+<p>To
+<dfn id=parse-and-store-response-cookie-headers>parse and store response `<code>Set-Cookie</code>` headers</dfn>,

No ID needed.

> +<div algorithm>
+<p> To <dfn export>clear site cookies</dfn> for <a for=/>origin</a> <var>origin</var>, run these steps:
+
+<ol>
+ <li><p>Remove all cookies that were stored with a host is either equal to |origin|'s <a for=url>host</a>,
+ or have a <a>registrable domain</a> equal to |origin|'s <a for=url>host</a>'s <a>registrable domain</a>.
+
+ <p class=XXX>The cookie specification doesn't yet have a way to do this algorithmically, so we
+ settle for this definition.
+</ol>
+</div>

I've lost track of why we want this in v1. I think if we have something like this we also need something that calls it. Perhaps it's easier after all to leave this as follow-up? Apologies if I was the one pushing for this, but I don't think this is what I had in mind.

> + <li><p>Return "<code>StrictOrLess</code>".
+</ol>
+</div>
+
+<div algorithm>
+<p> To <dfn export>clear site cookies</dfn> for <a for=/>origin</a> <var>origin</var>, run these steps:
+
+<ol>
+ <li><p>Remove all cookies that were stored with a host is either equal to |origin|'s <a for=url>host</a>,
+ or have a <a>registrable domain</a> equal to |origin|'s <a for=url>host</a>'s <a>registrable domain</a>.
+
+ <p class=XXX>The cookie specification doesn't yet have a way to do this algorithmically, so we
+ settle for this definition.
+</ol>
+</div>
+

Too many newlines have disappeared in front of this `<h2>`.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/1807#pullrequestreview-2850728720
You are receiving this because you are subscribed to this thread.

Message ID: <whatwg/fetch/pull/1807/review/2850728720@github.com>

Received on Monday, 19 May 2025 13:19:30 UTC