Re: [whatwg/fetch] Add TAO destination check for navigation redirect chains (PR #1931)

@annevk approved this pull request.

This design seemed reasonable to @achristensen07 and me, so you can consider WebKit supportive.

> +<a for=/>request</a> <var>request</var> and a <a for=/>response</a> <var>response</var>, run these
+steps:

```suggestion
<a for=/>request</a> <var>request</var> and a <a for=/>response</a> <var>response</var>:
```

> +
+ <li><p>Let <var>taoValues</var> be the result of
+ <a for="header list">getting, decoding, and splitting</a> `<code>Timing-Allow-Origin</code>` from
+ <var>response</var>'s <a for=response>header list</a>.
+
+ <li><p>If <var>taoValues</var> is null, then set <var>taoValues</var> to « ».
+
+ <li><p><a for=list>Append</a> <var>taoValues</var> to <var>request</var>'s
+ <a for=request>navigation timing allow check list</a>.
+</ol>
+</div>
+
+<div algorithm>
+<p>To perform a <dfn export id=concept-navigation-tao-check>navigation TAO check</dfn> for a
+<a for=/>response</a> <var>response</var> and an <a for=/>origin</a>
+<var>destinationOrigin</var>, run these steps:
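
Review bot: the "If taoValues is null" step has a consequence that is easy to miss and should be documented next to it. Setting taoValues to « » for a response without `Timing-Allow-Origin` appends an empty list, and an empty list contains neither "*" nor the serialized destination origin, so a single hop without the header makes the navigation TAO check return failure. If that is the intent, a short note after the step saying so would keep a later editor from "simplifying" it into skipping the append.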

```suggestion
<var>destinationOrigin</var>:
```

> @@ -2307,10 +2307,19 @@ Unless stated otherwise, it is unset.
 <dfn export for=request id=timing-allow-failed>timing allow failed flag</dfn>. Unless stated
 otherwise, it is unset.
 
+<p>A <a for=/>request</a> has an associated
+<dfn for=request>navigation timing allow check list</dfn> (a <a for=/>list</a> of

Instead of "check list", maybe "values list" would be nicer?

> +<a for=/>response</a> <var>response</var> and an <a for=/>origin</a>
+<var>destinationOrigin</var>, run these steps:
+
+<ol>
+ <li>
+  <p><a for=list>For each</a> <var>taoValues</var> of <var>response</var>'s
+  <a for=response>navigation timing allow check list</a>:
+
+  <ol>
+   <li><p>If <var>taoValues</var> <a for=list>contains</a> "<code>*</code>", then
+   <a for=iteration>continue</a>.
+
+   <li><p>If <var>taoValues</var> <a for=list>contains</a> <var>destinationOrigin</var>,
+   <a lt="ASCII serialization of an origin">serialized</a>, then <a for=iteration>continue</a>.
+
+   <li><p>Return failure.
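
Review bot: the "For each" step reads the list from response and links it with `<a for=response>`, but the visible definition is `<dfn for=request>navigation timing allow check list</dfn>` and the append step writes to request's list. Unless response gets its own list somewhere outside these lines, the link will not resolve and the algorithm iterates a list its argument does not have. Either take a request here and link with `for=request`, or define the list on response and state where it is copied over.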

```suggestion
   <li><p>Return <a for=/>failure</a>.
```

> +<ol>
+ <li>
+  <p><a for=list>For each</a> <var>taoValues</var> of <var>response</var>'s
+  <a for=response>navigation timing allow check list</a>:
+
+  <ol>
+   <li><p>If <var>taoValues</var> <a for=list>contains</a> "<code>*</code>", then
+   <a for=iteration>continue</a>.
+
+   <li><p>If <var>taoValues</var> <a for=list>contains</a> <var>destinationOrigin</var>,
+   <a lt="ASCII serialization of an origin">serialized</a>, then <a for=iteration>continue</a>.
+
+   <li><p>Return failure.
+  </ol>
+
+ <li><p>Return success.

```suggestion
 <li><p>Return <a for=/>success</a>.
```

> +<ol>
+ <li><p><a for=/>Assert</a>: <var>request</var> is a <a>navigation request</a>.
+
+ <li><p>Let <var>taoValues</var> be the result of
+ <a for="header list">getting, decoding, and splitting</a> `<code>Timing-Allow-Origin</code>` from
+ <var>response</var>'s <a for=response>header list</a>.
+
+ <li><p>If <var>taoValues</var> is null, then set <var>taoValues</var> to « ».
+
+ <li><p><a for=list>Append</a> <var>taoValues</var> to <var>request</var>'s
+ <a for=request>navigation timing allow check list</a>.
+</ol>
+</div>
+
+<div algorithm>
+<p>To perform a <dfn export id=concept-navigation-tao-check>navigation TAO check</dfn> for a

Let's not add new novel IDs when we don't have to.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/1931#pullrequestreview-4560631006

Message ID: <whatwg/fetch/pull/1931/review/4560631006@github.com>

Received on Wednesday, 24 June 2026 09:05:20 UTC