whatwg / fetch

Follows whatwg/streams#1073.

This simplifies things for several callers. This also cleans up several ReadableStream object operations in the process.

Fixes #1073.

* Rename "blocked-url" to "blockedURL" (whatwg/html#5818).
* Add "disposition" (whatwg/html#5391).
* Add "destination" (whatwg/html#5391).

Fixes #1074.

(This regressed in #560.)

And remove a confusing note.

Closes #1068.

Extend the HTTP cache partitioning logic to partition the connection pool as well and introduce the network partition key as a shared primitive. There is still work remaining for various other network caches that is tracked by #917 for now. See also https://privacycg.github.io/storage-partitioning/.

It did not get significant adoption.

Part of #1062. Closes #270.

Use "this", "x steps are", and some promise hooks (more to come). Also use the relevant settings object in constructors, rather than current. (They are identical there, but it's better to encourage relevant.)

Also stop formatting statuses as code; they're numbers.

All usage of structured fields in the web platform should not distinguish between the header not being there and failing to parse per the structured field parsing algorithm.

This also aligns Fetch slightly with terminology changes in HTTP that more clearly separate headers and trailers.

A future change might rename other concepts to also align with that (e.g., header list to field list).

Fixes #1053.

As well as a typo.

Closes #894 and closes #895.

HTML now references Fetch and the old CORS specification redirects to Fetch.

Fixes #780. Fixes #976. Follows whatwg/streams#1045.

Tests: web-platform-tests/wpt#24070.

See https://github.com/shivanigithub/http-cache-partitioning.

Closes #904.

See https://github.com/whatwg/spec-factory for details.

This adds support for cross-origin embedding policy, which primarily is a way of enforcing the Cross-Origin-Resource-Policy header to be set on responses.

See also this HTML change which links tests and the various issues and standards efforts involved here: whatwg/html#5454.

The earlier added "serialize a request URL for reporting" has been replaced with "serialize a response URL for reporting" as centering things around responses was found more logical.

In particular around newlines and naming.

See https://github.com/whatwg/spec-factory for details.

As discussed in w3c/webappsec-fetch-metadata#45, this splits the "document" destination into "document", "frame", and "iframe". These destinations distinguish top-level navigation from nested navigation, and exposing this data via `Sec-Fetch-Dest` will allow developers to better understand the nature of a request.

This patch also redefines "navigation request" and "non-subresource request" to include "embed" and "object" destinations as discussed at #948 (comment). That discussion also resulted in other changes:

* whatwg/html#4976
* w3c/ServiceWorker#1486

Tests:

* https://github.com/web-platform-tests/wpt/blob/master/fetch/metadata/embed.tentative.https.sub.html
* https://github.com/web-platform-tests/wpt/blob/master/fetch/metadata/object.tentative.https.sub.html
* https://github.com/web-platform-tests/wpt/blob/master/fetch/metadata/iframe.tentative.https.sub.html
* https://github.com/web-platform-tests/wpt/blob/master/fetch/metadata/navigation.tentative.https.sub.html
* https://github.com/web-platform-tests/wpt/blob/master/service-workers/service-worker/embed-and-object-are-not-intercepted.https.html

See whatwg/xhr#277.

This is useful for Cross-Origin-Embedder-Policy.

See whatwg/url#503.

See https://github.com/whatwg/spec-factory for details.

See https://github.com/whatwg/spec-factory for details.

It's a no-op at this point, but https://wicg.github.io/cross-origin-embedder-policy/ will soon make cross-origin a meaningful Cross-Origin-Resource-Policy value.

See https://github.com/whatwg/spec-factory for details.

Closes #763.

Already covered by web-platform-tests.

Fixes #990.

As discussed in #930 and WICG/cross-origin-embedder-policy#2, this adds a "get" algorithm on header lists that allows consistent extraction of structured header values.