Call out to Referrer Policy to set policy on redirect

Before following a redirect, Fetch should call out to Referrer Policy to update the referrer policy on the request, if necessary. (In particular, this applies when the redirect response contains a Referrer-Policy header.) This integration is described in https://w3c.github.io/webappsec-referrer-policy/#integration-with-fetch, though it needs to be updated per w3c/webappsec-referrer-policy#59. Fixes #334. PR: #335
whatwg · Jul 19, 2016 · a8f1cd5 · a8f1cd5
1 parent 674b4d3
commit a8f1cd5
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/Overview.html b/Overview.html
@@ -7,7 +7,7 @@
 
 <p><a class="logo" href="https://whatwg.org/"><img alt="WHATWG" height="100" src="https://resources.whatwg.org/logo-fetch.svg" width="100"></a>
 <h1 id="cors">Fetch</h1>
-<h2 class="no-num no-toc" id="living-standard-—-last-updated-18-july-2016">Living Standard — Last Updated 18 July 2016</h2>
+<h2 class="no-num no-toc" id="living-standard-—-last-updated-19-july-2016">Living Standard — Last Updated 19 July 2016</h2>
 
 <dl>
  <dt>Participate:
@@ -3143,6 +3143,10 @@ <h3 id="http-redirect-fetch"><span class="secno">5.4 </span>HTTP-redirect fetch<
  <a href="#concept-response-location-url" title="concept-response-location-url">location URL</a> to <var>request</var>'s
  <a href="#concept-request-url-list" title="concept-request-url-list">url list</a>.
 
+ <li><p>Invoke
+ <a href="https://w3c.github.io/webappsec-referrer-policy/#set-requests-referrer-policy-on-redirect">set <var>request</var>'s referrer policy on redirect</a>
+ on <var>request</var> and <var>actualResponse</var>. <a href="#refsREFERRER">[REFERRER]</a>
+
  <li>
   <p>Return the result of performing a <a href="#concept-main-fetch" title="concept-main-fetch">main fetch</a> using
   <var>request</var>, with the <i>CORS flag</i> set if set, and the <i>recursive flag</i> set.
@@ -5628,6 +5632,7 @@ <h2 class="no-num" id="acknowledgments">Acknowledgments</h2>
 Dean Jackson,
 Doug Turner,
 Ehsan Akhgari,
+Emily Stark,
 Eric Lawrence,
 Frank Ellerman,
 Frederick Hirsch,

diff --git a/Overview.src.html b/Overview.src.html
@@ -3071,6 +3071,10 @@ <h3>HTTP-redirect fetch</h3>
  <span title=concept-response-location-url>location URL</span> to <var>request</var>'s
  <span title=concept-request-url-list>url list</span>.
 
+ <li><p>Invoke
+ <a href=https://w3c.github.io/webappsec-referrer-policy/#set-requests-referrer-policy-on-redirect>set <var>request</var>'s referrer policy on redirect</a>
+ on <var>request</var> and <var>actualResponse</var>. <span data-anolis-ref>REFERRER</span>
+
  <li>
   <p>Return the result of performing a <span title=concept-main-fetch>main fetch</span> using
   <var>request</var>, with the <i>CORS flag</i> set if set, and the <i>recursive flag</i> set.
@@ -5464,6 +5468,7 @@ <h2 class=no-num>Acknowledgments</h2>
 Dean Jackson,
 Doug Turner,
 Ehsan Akhgari,
+Emily Stark,
 Eric Lawrence,
 Frank Ellerman,
 Frederick Hirsch,