Hopefully fix omit credentials mode logic. https://www.w3.org/Bugs/Pu…

…blic/show_bug.cgi?id=22150
whatwg · Jun 20, 2013 · 85b2762 · 85b2762
1 parent 67726c6
commit 85b2762
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 12 deletions.
diff --git a/Overview.html b/Overview.html
@@ -568,7 +568,7 @@ <h4 id="http-responses"><span class="secno">3.2.3 </span>HTTP responses</h4>
   <a href="#concept-request-omit-credentials-mode" title="concept-request-omit-credentials-mode">omit credentials mode</a> is
   <i title="">never</i>.
 
-  <p class="note">For a CORS preflight <a href="#concept-request" title="concept-request">request</a>'s
+  <p class="note">For a CORS preflight, <a href="#concept-request" title="concept-request">request</a>'s
   <a href="#concept-request-omit-credentials-mode" title="concept-request-omit-credentials-mode">omit credentials mode</a> is always
   <i title="">never</i>, but for any subsequent HTTP requests it might not be. Support
   therefore needs to be indicated for the CORS preflight as well.
@@ -812,7 +812,7 @@ <h3 id="basic-fetch"><span class="secno">4.1 </span>Basic fetch</h3>
    <li>
     <p>If <var title="">request</var>'s
     <a href="#concept-request-omit-credentials-mode" title="concept-request-omit-credentials-mode">omit credentials mode</a> is
-    <i title="">always</i> or <var title="">request</var>'s
+    <i title="">never</i> or <var title="">request</var>'s
     <a href="#concept-request-omit-credentials-mode" title="concept-request-omit-credentials-mode">omit credentials mode</a> is
     <i title="">CORS</i> and the <i title="">CORS flag</i> is unset, run these substeps:
 
@@ -853,12 +853,11 @@ <h3 id="basic-fetch"><span class="secno">4.1 </span>Basic fetch</h3>
   its fields appropriately.
   <!-- XXX do we need to spell this out? -->
 
-  <p>If there are cookies to be set and either the <i title="">CORS flag</i> is set and
-  <var title="">request</var>'s
+  <p>If there are cookies to be set and either <var title="">request</var>'s
   <a href="#concept-request-omit-credentials-mode" title="concept-request-omit-credentials-mode">omit credentials mode</a> is
-  <i title="">CORS</i> or <var title="">request</var>'s
+  <i title="">never</i>, or <var title="">request</var>'s
   <a href="#concept-request-omit-credentials-mode" title="concept-request-omit-credentials-mode">omit credentials mode</a> is
-  <i title="">always</i>, run these steps:
+  <i title="">CORS</i> and the <i title="">CORS flag</i> is unset, run these steps:
 
   <ol>
    <li><p>Wait until ownership of the <a class="external" href="http://www.whatwg.org/specs/web-apps/current-work/multipage/webappapis.html#storage-mutex">storage mutex</a> can
@@ -1363,6 +1362,7 @@ <h2 class="no-num" id="acknowledgments">Acknowledgments</h2>
 Glenn Maynard,
 Graham Klyne,
 Hal Lockhart,
+Hallvord R. M. Steen,
 Henri Sivonen,
 Ian Hickson,
 Janusz Majnert,

diff --git a/Overview.src.html b/Overview.src.html
@@ -542,7 +542,7 @@ <h4>HTTP responses</h4>
   <span title=concept-request-omit-credentials-mode>omit credentials mode</span> is
   <i title>never</i>.
 
-  <p class=note>For a CORS preflight <span title=concept-request>request</span>'s
+  <p class=note>For a CORS preflight, <span title=concept-request>request</span>'s
   <span title=concept-request-omit-credentials-mode>omit credentials mode</span> is always
   <i title>never</i>, but for any subsequent HTTP requests it might not be. Support
   therefore needs to be indicated for the CORS preflight as well.
@@ -786,7 +786,7 @@ <h3>Basic fetch</h3>
    <li>
     <p>If <var title>request</var>'s
     <span title=concept-request-omit-credentials-mode>omit credentials mode</span> is
-    <i title>always</i> or <var title>request</var>'s
+    <i title>never</i> or <var title>request</var>'s
     <span title=concept-request-omit-credentials-mode>omit credentials mode</span> is
     <i title>CORS</i> and the <i title>CORS flag</i> is unset, run these substeps:
 
@@ -827,12 +827,11 @@ <h3>Basic fetch</h3>
   its fields appropriately.
   <!-- XXX do we need to spell this out? -->
 
-  <p>If there are cookies to be set and either the <i title>CORS flag</i> is set and
-  <var title>request</var>'s
+  <p>If there are cookies to be set and either <var title>request</var>'s
   <span title=concept-request-omit-credentials-mode>omit credentials mode</span> is
-  <i title>CORS</i> or <var title>request</var>'s
+  <i title>never</i>, or <var title>request</var>'s
   <span title=concept-request-omit-credentials-mode>omit credentials mode</span> is
-  <i title>always</i>, run these steps:
+  <i title>CORS</i> and the <i title>CORS flag</i> is unset, run these steps:
 
   <ol>
    <li><p>Wait until ownership of the <span data-anolis-spec=html>storage mutex</span> can
@@ -1316,6 +1315,7 @@ <h2 class="no-num">Acknowledgments</h2>
 Glenn Maynard,
 Graham Klyne,
 Hal Lockhart,
+Hallvord R. M. Steen,
 Henri Sivonen,
 Ian Hickson,
 Janusz Majnert,