- From: Noam Rosenthal <notifications@github.com>
- Date: Wed, 10 Jun 2026 09:38:05 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 10 June 2026 16:38:10 UTC
noamr left a comment (whatwg/fetch#1931) > > Wouldn't it be simpler to keep a list of TAO value sets and iterate over them when computing the "navigation TAO check"? > > @annevk made a similar comment earlier on. > > What we can do is something like: > > * We need the end response of the chain to have a list of lists of all the TAO values each response seen. We can get that by adding the a list of lists of past values to the redirect request and then move it to the response. > * Navigation TAO check would verify that the TAO values of each response contain "*" or destination origin, otherwise it'd fail. > > I don't know that it's simpler (and it seems like we'd be copying more values around between redirect responses), but happy to move to that model if that's simpler/easier It's simpler to read (IMO) and potentially cleaner impl wise as there is no set manipulation as you go along and it's not a dedup check for each redirect. -- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/1931#issuecomment-4672292062 You are receiving this because you are subscribed to this thread. Message ID: <whatwg/fetch/pull/1931/c4672292062@github.com>
Received on Wednesday, 10 June 2026 16:38:10 UTC