Skip to content
Permalink
Browse files

Call out to Referrer Policy to set policy on redirect

Before following a redirect, Fetch should call out to Referrer Policy to
update the referrer policy on the request, if necessary. (In particular,
this applies when the redirect response contains a Referrer-Policy
header.)

This integration is described in
https://w3c.github.io/webappsec-referrer-policy/#integration-with-fetch,
though it needs to be updated per
w3c/webappsec-referrer-policy#59.

Fixes #334.

PR: #335
  • Loading branch information...
estark37 authored and annevk committed Jul 15, 2016
1 parent 674b4d3 commit a8f1cd5ae2d080ee4e1e8e02b68e8ec6ae2c2833
Showing with 11 additions and 1 deletion.
  1. +6 −1 Overview.html
  2. +5 −0 Overview.src.html
@@ -7,7 +7,7 @@

<p><a class="logo" href="https://whatwg.org/"><img alt="WHATWG" height="100" src="https://resources.whatwg.org/logo-fetch.svg" width="100"></a>
<h1 id="cors">Fetch</h1>
<h2 class="no-num no-toc" id="living-standard-—-last-updated-18-july-2016">Living Standard — Last Updated 18 July 2016</h2>
<h2 class="no-num no-toc" id="living-standard-—-last-updated-19-july-2016">Living Standard — Last Updated 19 July 2016</h2>

<dl>
<dt>Participate:
@@ -3143,6 +3143,10 @@ <h3 id="http-redirect-fetch"><span class="secno">5.4 </span>HTTP-redirect fetch<
<a href="#concept-response-location-url" title="concept-response-location-url">location URL</a> to <var>request</var>'s
<a href="#concept-request-url-list" title="concept-request-url-list">url list</a>.

<li><p>Invoke
<a href="https://w3c.github.io/webappsec-referrer-policy/#set-requests-referrer-policy-on-redirect">set <var>request</var>'s referrer policy on redirect</a>
on <var>request</var> and <var>actualResponse</var>. <a href="#refsREFERRER">[REFERRER]</a>

<li>
<p>Return the result of performing a <a href="#concept-main-fetch" title="concept-main-fetch">main fetch</a> using
<var>request</var>, with the <i>CORS flag</i> set if set, and the <i>recursive flag</i> set.
@@ -5628,6 +5632,7 @@ <h2 class="no-num" id="acknowledgments">Acknowledgments</h2>
Dean Jackson,
Doug Turner,
Ehsan Akhgari,
Emily Stark,
Eric Lawrence,
Frank Ellerman,
Frederick Hirsch,
@@ -3071,6 +3071,10 @@ <h3>HTTP-redirect fetch</h3>
<span title=concept-response-location-url>location URL</span> to <var>request</var>'s
<span title=concept-request-url-list>url list</span>.

<li><p>Invoke
<a href=https://w3c.github.io/webappsec-referrer-policy/#set-requests-referrer-policy-on-redirect>set <var>request</var>'s referrer policy on redirect</a>
on <var>request</var> and <var>actualResponse</var>. <span data-anolis-ref>REFERRER</span>

<li>
<p>Return the result of performing a <span title=concept-main-fetch>main fetch</span> using
<var>request</var>, with the <i>CORS flag</i> set if set, and the <i>recursive flag</i> set.
@@ -5464,6 +5468,7 @@ <h2 class=no-num>Acknowledgments</h2>
Dean Jackson,
Doug Turner,
Ehsan Akhgari,
Emily Stark,
Eric Lawrence,
Frank Ellerman,
Frederick Hirsch,

0 comments on commit a8f1cd5

Please sign in to comment.
You can’t perform that action at this time.