From d30032e1a439089460a6801987a7748d8d6de010 Mon Sep 17 00:00:00 2001 From: Mike West Date: Thu, 18 Feb 2016 12:28:39 +0100 Subject: [PATCH] Allow POSTs to same eTLD+1 endpoints. --- index.html | 6 ++++-- index.src.html | 16 +++++++++++----- 2 files changed, 15 insertions(+), 7 deletions(-) diff --git a/index.html b/index.html index 88577f2..812ce84 100644 --- a/index.html +++ b/index.html @@ -1246,7 +1246,7 @@

Credential Management Level 1

-

Editor’s Draft,

+

Editor’s Draft,

This version: @@ -2121,7 +2121,9 @@

init’s body member is a Credential object:
  1. -

    If r’s url is not the same as r’s client’s origin, throw a TypeError.

    +

    If r’s url’s scheme is not the same as r’s client’s origin's scheme, throw a TypeError.

    +
  2. +

    If r’s url’s host’s registerable domain is not the same as r’s client’s origin's host’s registerable domain, throw a TypeError.

  3. Set r’s redirect mode to "error".

  4. diff --git a/index.src.html b/index.src.html index 3bc8226..7c58bfa 100644 --- a/index.src.html +++ b/index.src.html @@ -1114,14 +1114,20 @@

    `Request()` constructor

  5. If |init|'s `body` member is a {{Credential}} object: - 1. If |r|'s url is not the same as |r|'s - client's {{URL/origin}}, throw a `TypeError`. + 1. If |r|'s url's scheme is not the same as |r|'s + client's {{URL/origin}}'s scheme, throw a + `TypeError`. - 2. Set |r|'s redirect mode to "`error`". + 2. If |r|'s url's host's registerable domain + is not the same as |r|'s client's + {{URL/origin}}'s host's registerable domain, throw a + `TypeError`. - 3. Set |r|'s skip-service-worker flag. + 3. Set |r|'s redirect mode to "`error`". - 4. Set |r|'s opaque flag. + 4. Set |r|'s skip-service-worker flag. + + 5. Set |r|'s opaque flag.