Re: [whatwg/fetch] Allow user agents to use more permissive header validation in extensions (Issue #1878) from Dominic Farolino on 2026-05-14 (public-webapps-github@w3.org from May 2026)

From: Dominic Farolino <notifications@github.com>
Date: Wed, 13 May 2026 22:43:07 -0700
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/issues/1878/4447975437@github.com>

domfarolino left a comment (whatwg/fetch#1878)

Sounds like most extensions implementers are OK with the prose "appropriately-privileged web extension contexts", but I tend to agree with @annevk that it'd be better to express this explicitly as a boolean on something like ESO. This gets more clean and possible as the [Web Extensions specifications get more formal](https://github.com/w3c/webextensions/tree/main/specification)—those extensions would define their creation in some way, and bootstrap their ESO with this boolean that other standards like Fetch can explicitly reference.

However, it looks like the `window.browser.bs` spec hasn't been touched in a couple of years, so before that gets updated to help formalize more of this and its permissions, I would also accept prose like "Appropriately-privileged web extension contexts" as a holdover, with the expectation that we make it more explicit when the extensions specifications catch up.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/1878#issuecomment-4447975437
You are receiving this because you are subscribed to this thread.

Message ID: <whatwg/fetch/issues/1878/4447975437@github.com>

Received on Thursday, 14 May 2026 05:43:11 UTC