main
Name already in use
Commits on Jan 26, 2023
Commits on Jan 25, 2023
-
Editorial: remove prefetch-src
It was removed by CSP: w3c/webappsec-csp#582.
-
Body sizes should be CORS rather than TAO protected
The encoded/decoded body size relate to the resource, not to the timing. Tests: web-platform-tests/wpt#37884 & web-platform-tests/wpt#37257. This is part of w3c/resource-timing#220 (comment). Co-authored-by: Anne van Kesteren <annevk@annevk.nl>
Commits on Jan 17, 2023
-
Complements whatwg/html#8111. Co-authored-by: Anne van Kesteren <annevk@annevk.nl>
-
Define Sec-Purpose: prefetch header
This replaces the existing `Purpose: prefetch` and `x-moz: prefetch` headers. Tests: web-platform-tests/wpt#35707. Part of whatwg/html#8111. Closes w3c/webappsec-fetch-metadata#84 and w3c/resource-hints#74. Co-authored-by: Anne van Kesteren <annevk@annevk.nl>
Commits on Jan 13, 2023
-
Editorial: add <div algorithm> wrappers to Fetching
Related to: #1526. Co-authored-by: Anne van Kesteren <annevk@annevk.nl>
Commits on Jan 10, 2023
Commits on Jan 3, 2023
-
Editorial: correct keepalive note
Also remove the no-backref class throughout as it's meaningless.
-
-
Use internal response for Server-Timing processing
The Server-Timing header data is protected by the Timing-Allow-Origin header, so there's no need to safelist it through CORS, unless you wanted direct access to the raw header. Tests: web-platform-tests/wpt#37714. Closes #1511. Co-authored-by: Anne van Kesteren <annevk@annevk.nl>
Commits on Dec 22, 2022
-
Editorial: stop using promises in internal algorithms
They are not designed for that and don't work well (e.g., resolve expects a JS value). Follows whatwg/streams#1250 and addresses the Fetch part of whatwg/streams#1178. Closes #1568. Co-authored-by: Domenic Denicola <d@domenic.me> Co-authored-by: Anne van Kesteren <annevk@annevk.nl>
Commits on Dec 21, 2022
Commits on Dec 19, 2022
Commits on Dec 15, 2022
-
- Renames the request priority concept to internal priority and "adds" priority for usage by APIs. - Adds a new priority member to RequestInit for specifying a priority hint. These changes combined with whatwg/html#8470 obsolete the Priority Hints specification: https://wicg.github.io/priority-hints/. Tests: https://chromium-review.googlesource.com/c/chromium/src/+/4097472. Fixes #1319. Co-authored-by: Anne van Kesteren <annevk@annevk.nl>
Commits on Dec 14, 2022
Commits on Dec 12, 2022
Commits on Dec 7, 2022
Commits on Dec 1, 2022
Commits on Nov 28, 2022
Commits on Nov 25, 2022
Commits on Nov 24, 2022
Commits on Nov 23, 2022
-
Refactor forbidden request-headers
This change makes several changes: * Makes "get, decode, and split" callable with a value. This is generally not advisable so this is not exported. * Generalizes forbidden header name to forbidden request-headers so it can target values for specific headers. * Takes advantage of that for X-HTTP-Method, X-HTTP-Method-Override, and X-Method-Override. Tests: WPT fetch/api/basic/request-forbidden-headers.any.js. XHR PR: whatwg/xhr#362.
Commits on Nov 22, 2022
-
And consistify callsite of no-CORS-safelisted request-header.
Commits on Nov 8, 2022
Commits on Nov 2, 2022
-
Update to use navigables instead of browsing contexts
Follows whatwg/html#6315. One reference remains to "target browsing context" which probably requires HTML-side updates first.