- From: Anne van Kesteren <notifications@github.com>
- Date: Tue, 21 Apr 2026 06:58:20 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 21 April 2026 13:58:24 UTC
annevk left a comment (whatwg/fetch#1924) This is normative for web developers and conformance checkers. For other implementations https://fetch.spec.whatwg.org/#concept-cors-check specifies the requirements. I think we should probably find a way to do this without RFC 6454 and RFC 3986 as neither are part of our ecosystem. Perhaps we can just find all the bytes that serialized-origin needs and also add a reference to HTML's serialization algorithm for more details? Although maybe we can be even more specific as I think CSP needs scheme, host, and port as well and presumably also wants them without dependencies on those RFCs. -- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/1924?email_source=notifications&email_token=ACLYVMIZHBD6UQB5DVSBBBL4W547ZA5CNFSNUABFM5UWIORPF5TWS5BNNB2WEL2JONZXKZKDN5WW2ZLOOQXTIMRYHEYTCMJYG4Z2M4TFMFZW63VKON2WE43DOJUWEZLEUVSXMZLOOS2XA4S7MNXW23LFNZ2F633QMVXF6Y3MNFRWW#issuecomment-4289111873 You are receiving this because you are subscribed to this thread. Message ID: <whatwg/fetch/pull/1924/c4289111873@github.com>
Received on Tuesday, 21 April 2026 13:58:24 UTC