On Wed, Jun 11, 2014 at 7:55 PM, Jochen Eisinger <eisinger@google.com> wrote: > With a lot of help from Mike, we've put together a first draft here: > https://w3c.github.io/webappsec/specs/referrer-policy/ I think what would be best for Fetch integration is me handing you a request and you returning a URL or <i title>none</i>. I tentatively called this hook "determine referrer". That way Fetch can decide when it wants to expose this information as a header. And that way this is also a side-effect free invocation which seems preferable. See http://fetch.spec.whatwg.org/#concept-fetch for the tentative hook. Search for [REFERRER]. As for the specifics of what Referrer Policy should do I copied Ian as HTML currently has a rather evolved set of steps: http://www.whatwg.org/specs/web-apps/current-work/multipage/fetching-resources.html#fetch We should take those over somehow or Ian needs to do some handling before invoking the Fetch Standard. I don't really have a real preference there. -- http://annevankesteren.nl/Received on Thursday, 12 June 2014 09:51:49 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:39 UTC