/fetch

Permalink
Switch branches/tags
Nothing to show
Commits on Sep 10, 2018

  1. Editorial: use "append" to modify the header list

    @ryzokuken @annevk
    ryzokuken authored and annevk committed Sep 10, 2018 
    Use "append" instead of "set" to modify the header list, improving consistency.

Fixes #758.
    daca6a8
Commits on Aug 28, 2018

  1. Make extract throw for a disturbed/locked ReadableStream

    @annevk
    annevk committed Aug 28, 2018 
    This also introduces "safely extract" which mainly serves to make it explicit which extraction operations cannot throw.

Tests: web-platform-tests/wpt#12639.

Fixes #792.
    Verified
    This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
    GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
    1bda545
Commits on Aug 24, 2018

  1. Rename target client id to replaces client id

    @jungkees @annevk
    jungkees authored and annevk committed Aug 24, 2018 
    We had decided to change the name of FetchEvent's targetClientId to replacesClientId to clarify the meaning that this client is a to be replaced client: w3c/ServiceWorker#1091 (comment). Accordingly, this changes the name of request's target client id to replaces client id.

See also: 

* w3c/ServiceWorker#1245
* w3c/ServiceWorker#1333
* whatwg/html#3788
    4321ab6
Commits on Aug 23, 2018

  1. Editorial: be more consistent about the context object

    @annevk
    annevk committed Aug 22, 2018 
    And in general be more explicit about the objects involved.
    5bd61e0
Commits on Aug 21, 2018

  1. Editorial: url ➡️ URL

    @annevk
    annevk committed Aug 17, 2018 
    Fixes #697.
    5088fce

  2. Editorial: consistify "one of the following" usage

    @annevk
    annevk committed Aug 17, 2018
    c385007
Commits on Aug 20, 2018

  1. Editorial: use Infra maps for dictionaries

    @annevk
    annevk committed Aug 20, 2018 
    And linkify TypeError.

Fixes #513.
    Verified
    This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
    GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
    3ca2ee5
Commits on Aug 17, 2018

  1. Preserve HEAD method on 303 redirect

    @annevk
    annevk committed Aug 17, 2018 
    Tests: already tested by fetch/api/redirect/redirect-method.any.js.

Fixes #753.
    6f29b76

  2. Editorial: clarify that the ping attribute is for <a>/<area>

    @tomayac @annevk
    tomayac authored and annevk committed Aug 17, 2018
    6c1174d
Commits on Aug 16, 2018

  1. Editorial: turn CORS-preflight cache into a list

    @annevk
    annevk committed Aug 16, 2018 
    This grounds it a bit more in an Infra data structure.

Fixes #735.
    Verified
    This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
    GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
    660ac3f

  2. Strengthen requirements on CORS even further by having a maximum comb…

    @annevk
    annevk committed May 30, 2018 
    …ined value size
    e2d62ff

  3. Strengthen requirements on Headers with guard "request-no-cors"

    @annevk
    annevk committed May 30, 2018
    cb30d8c

  4. Strengthen requirements on CORS-safelisted request-headers

    @annevk
    annevk committed May 25, 2018 
    This should reduce the attack surface of non-preflighted requests quite a bit.

Tests: web-platform-tests/wpt#11432.

Fixes #382. Closes #313.
    9288c8f

  5. Meta: align .travis.yml

    @annevk
    annevk committed Aug 15, 2018
    5285100

  6. Copy priority for service worker passthrough requests

    @jakearchibald @annevk
    jakearchibald authored and annevk committed Aug 16, 2018
    b281c58
Commits on Aug 10, 2018

  1. Meta: remove Bikeshed errors

    @jyasskin @annevk
    jyasskin authored and annevk committed Aug 10, 2018
    28f06ba

  2. Clarify creation of ReadableStream objects

    @jyasskin @annevk
    jyasskin authored and annevk committed Aug 10, 2018 
    Follow-ups:

* w3c/ServiceWorker#1338
* WICG/background-fetch#104
    6b31c45
Commits on Jul 31, 2018

  1. Remove Reporting API from CORS exceptions

    @dcreager @annevk
    dcreager authored and annevk committed Jul 31, 2018 
    As of w3c/reporting#41, the Reporting spec sends CORS preflights for report uploads if the origin of the collector is different than the origin of the reports in the upload.  That means we can remove Reporting from the CORS protocol exception list.
    b3492ec
Commits on Jul 23, 2018

  1. Clarify how Headers does not support Set-Cookie

    @annevk
    annevk committed Apr 19, 2018 
    Fixes #345.
    7ab665e
Commits on Jun 21, 2018

  1. Review Draft Publication: June 2018

    @annevk @domenic
    annevk authored and domenic committed Jun 21, 2018
    e6cbef2
Commits on Jun 18, 2018

  1. Define Cross-Origin-Resource-Policy response header

    @annevk
    annevk committed Jun 18, 2018 
    This header makes it easier for sites to block unwanted "no-cors"
cross-origin requests.

Tests:

* web-platform-tests/wpt#11171
* web-platform-tests/wpt#11427
* web-platform-tests/wpt#11428

Follow-up: #760 & #767.

Fixes #687.
    Verified
    This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
    GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
    0cec471
Commits on Jun 16, 2018

  1. Stop saying HTTP authentication over WebSocket is disallowed

    @ricea @annevk
    ricea authored and annevk committed Jun 16, 2018 
    Closes #565. Follow-up: #766.
    8b070f1
Commits on Jun 15, 2018

  1. Additional reasoning for sending Accept-Encoding: identity

    @jakearchibald @annevk
    jakearchibald authored and annevk committed Jun 14, 2018
    f342c74
Commits on Jun 6, 2018

  1. Specify identity encoding for range requests

    @jakearchibald @annevk
    jakearchibald authored and annevk committed Jun 6, 2018 
    Tests: web-platform-tests/wpt#11291.

Fixes #747.
    2f3d04d
Commits on May 31, 2018

  1. Block more ports (427, 548, 6697)

    @annevk
    annevk committed May 31, 2018 
    This blocks ports used for the Apple File Protocol (427, 548) and thereby fixes #694, and blocks another IRC port (6697) as discussed in #482 and shipped by Chrome.

Tests: web-platform-tests/wpt#11249.
    Verified
    This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
    GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
    2e45674
Commits on May 30, 2018

  1. Fix variable definitions and scoping

    @jakearchibald @annevk
    jakearchibald authored and annevk committed May 30, 2018 
    Fixes #706.
    3055f13
Commits on May 29, 2018

  1. Editorial: replace UTF-8 encode with isomorphic encode

    @annevk
    annevk committed May 28, 2018 
    This more clearly indicates the input is (supposed to be) ASCII safe.
    ffbaefb

  2. Allow Range header to be set by APIs

    @jakearchibald @annevk
    jakearchibald authored and annevk committed May 29, 2018 
    This is part of #144.

The aim is to allow APIs to use the Range header for "no-cors"
requests, and allow them to pass through a service worker, but
disallow modification of these requests, and disallow developers
creating their own "no-cors" ranged requests.

Tests: web-platform-tests/wpt#10348.
    819d8c9

  3. Make CORS-preflight fetches set the CORS flag

    @annevk
    annevk committed May 28, 2018 
    Otherwise a 401 response would not necessarily result in rejection.

Fixes #741.
    9334fcb

  4. Meta: Review Draft infrastructure

    @annevk @domenic
    annevk authored and domenic committed May 29, 2018 
    See whatwg/whatwg.org#197 and whatwg/meta#92 for details.

This also updates the web-platform-tests and IRC URLs.
    fa6f2b0

  5. Add Request's isHistoryNavigation

    @yutakahirano @annevk
    yutakahirano authored and annevk committed May 29, 2018 
    And also a member on the request concept (history-navigation flag) to support this API. See w3c/ServiceWorker#1167 for the discussion that led to this.

Tests: web-platform-tests/wpt#10909.

Corresponding HTML change: whatwg/html#3674.
    bd9b4e3
Commits on May 28, 2018

  1. Editorial: move definition of "reload-navigation flag"

    @yutakahirano @annevk
    yutakahirano authored and annevk committed May 28, 2018 
    Fixes #732.
    efe088f

  2. Fix Origin header and "no-cors" redirects behavior

    @annevk
    annevk committed May 28, 2018 
    Before this change "no-cors" POST redirects would not have their Origin header value reset as appropriate for certain cross-origin redirects.

This is now accomplished by rather than resetting request's origin (which we only did for "cors" fetches and would have bad side effects if we started doing that for "no-cors"), we set request's tainted origin flag. A new flag that indicates when request's origin is tainted and needs to be serialized as null.

Tests: web-platform-tests/wpt#11164.

Fixes #593.
    Verified
    This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
    GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
    af45ce3
Commits on May 25, 2018

  1. Editorial: avoid normative keywords in domintro block

    @annevk
    annevk committed May 24, 2018
    78a8dcd
Commits on May 17, 2018

  1. CORB: protecting certain nosniff and 206 responses

    @anforowicz @annevk
    anforowicz authored and annevk committed May 17, 2018 
    CORB is an additional filter for responses of cross-origin "no-cors" 
fetches. It aims to provide defense-in-depth protection for JSON, 
HTML, XML (though not image/svg+xml), and (sometimes) text/plain 
resources against cross-process CPU exploits. It also makes it harder 
to use incorrectly labeled resources as scripts, images, fonts, etc.

Discussion and further work is tracked by #681 and #721.

Tests are in web-platform-tests's fetch/corb directory.
    794dd54