Skip to content

Commit

Permalink
Fix variable definitions and scoping
Browse files Browse the repository at this point in the history 
Fixes #706.
  • Loading branch information
@jakearchibald @annevk
jakearchibald authored and annevk committed May 30, 2018
1 parent ffbaefb commit 3055f13
Showing 1 changed file with 12 additions and 13 deletions.
25 changes: 12 additions & 13 deletions fetch.bs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2857,16 +2857,13 @@ with a <i>CORS flag</i> and <i>recursive flag</i>, run these steps:
<var>noCorsResponse</var>.

<li>
<p>Set <var>corbSanitizedResponse</var> to a new <a for=/>response</a> whose
<a for=response>status</a> is <var>noCorsResponse</var>'s <a for=response>status</a>,
<a for=response>HTTPS state</a> is <var>noCorsResponse</var>'s
<a for=response>HTTPS state</a>, and <a for=response>CSP list</a> is
<var>noCorsResponse</var>'s <a for=response>CSP list</a>.
<p>Return a new <a for=/>response</a> whose <a for=response>status</a> is
<var>noCorsResponse</var>'s <a for=response>status</a>, <a for=response>HTTPS state</a> is
<var>noCorsResponse</var>'s <a for=response>HTTPS state</a>, and <a for=response>CSP list</a>
is <var>noCorsResponse</var>'s <a for=response>CSP list</a>.

<p class="warning">This is only an effective defense against side channel attacks if
<var>noCorsResponse</var> is kept isolated from the process that initiated the request.

<li><p>Return <var>corbSanitizedResponse</var>.
</ol>

<dt><var>request</var>'s <a for=request>current url</a>'s
Expand Down Expand Up @@ -3500,6 +3497,12 @@ Range Requests</cite>. [[HTTP-RANGE]] However, this is not widely supported by b
<ol>
<li><p>Let <var>httpRequest</var> be null.

<li><p>Let <var>response</var> be null.

<li><p>Let <var>storedResponse</var> be null.

<li><p>Let the <var>revalidatingFlag</var> be unset.

<li>
<p>Run these steps, but <a>abort when</a> the ongoing fetch is <a for=fetch>terminated</a>:

Expand Down Expand Up @@ -3719,10 +3722,6 @@ Range Requests</cite>. [[HTTP-RANGE]] However, this is not widely supported by b
<var>httpRequest</var>'s
<a for=request>credentials mode</a>.

<li><p>Let <var>response</var> and <var>storedResponse</var> be null.

<li><p>Let the <var>revalidatingFlag</var> be unset.

<li>
<p>If <var>httpRequest</var>'s <a for=request>cache mode</a> is neither "<code>no-store</code>"
nor "<code>reload</code>", then:
Expand Down Expand Up @@ -3791,10 +3790,10 @@ Range Requests</cite>. [[HTTP-RANGE]] However, this is not widely supported by b
<li><p>If <var>httpRequest</var>'s <a for=request>cache mode</a> is
"<code>only-if-cached</code>", then return a <a>network error</a>.

<li><p>Set <var>forwardResponse</var> to the result of making an <a>HTTP-network fetch</a> using
<li><p>Let <var>forwardResponse</var> be the result of making an <a>HTTP-network fetch</a> using
<var>httpRequest</var> with <i>credentials flag</i> if set.

<li><p>If <var>httpRequest</var>'s <var>method</var> is
<li><p>If <var>httpRequest</var>'s <a for=request>method</a> is
<a href=https://tools.ietf.org/html/rfc7231#safe.methods>unsafe</a> and
<var>forwardResponse</var>'s <a for=response>status</a> is in the range <code>200</code> to
<code>399</code>, inclusive, invalidate appropriate stored responses in the HTTP cache, as per
Expand Down

0 comments on commit 3055f13

Please sign in to comment.