Skip to content
Permalink
Browse files
[giow] (1) withCredentials in EventSource should also affect reconnec…
…tions.

Affected topics: Server-Sent Events

git-svn-id: http://svn.whatwg.org/webapps@6841 340c8d12-0b0e-0410-8428-c7bf67bfef74
  • Loading branch information
Hixie committed Dec 2, 2011
1 parent d57b369 commit 5e8f7a9675a6435de342ab40654b125cf68df09f
Showing 3 changed files with 33 additions and 36 deletions.
@@ -240,7 +240,7 @@

<header class=head id=head><p><a class=logo href=http://www.whatwg.org/><img alt=WHATWG height=101 src=/images/logo width=101></a></p>
<hgroup><h1 class=allcaps>HTML</h1>
<h2 class="no-num no-toc">Living Standard &mdash; Last Updated 28 November 2011</h2>
<h2 class="no-num no-toc">Living Standard &mdash; Last Updated 2 December 2011</h2>
</hgroup><dl><dt><strong>Web developer edition:</strong></dt>
<dd><strong><a href=http://developers.whatwg.org/>http://developers.whatwg.org/</a></strong></dd>
<dt>Multiple-page version:</dt>
@@ -76297,15 +76297,17 @@ <h4 id=the-eventsource-interface><span class=secno>10.2.2 </span>The <code><a hr
<li><p>Return the new <code><a href=#eventsource>EventSource</a></code> object, and continue
these steps in the background (without blocking scripts).</li>

<li>
<li><!-- if you change this, don't forget to update the
reconnecting fetch lower down as well! -->

<p>Do a <a href=#potentially-cors-enabled-fetch>potentially CORS-enabled fetch</a> of the
resulting <a href=#absolute-url>absolute URL</a>, with the <i>mode</i> being
<var title="">CORS mode</var>, and the <i title="">origin</i>
being the <a href=#entry-script>entry script</a>'s <a href=#origin>origin</a><!--, and
the <i>default origin behaviour</i> set to <i>fail</i> (though it
has no effect in the "Use Credentials" mode)-->, and process the
resource obtained in this fashion, if any, as described below.</p>
has no effect in the "Anonymous" and "Use Credentials" modes)-->,
and process the resource obtained in this fashion, if any, as
described below.</p>

<p class=note>The definition of the <a href=#fetch title=fetch>fetching</a> algorithm (which is used by CORS) is
such that if the browser is already fetching the resource
@@ -76514,14 +76516,11 @@ <h4 id=processing-model-5><span class=secno>10.2.3 </span>Processing model</h4>

<li><p>Perform a <a href=#potentially-cors-enabled-fetch>potentially CORS-enabled fetch</a> of
the <a href=#absolute-url>absolute URL</a> of the event source resource, with
the <i>mode</i> being <a href=#attr-crossorigin-use-credentials title=attr-crossorigin-use-credentials>Use Credentials</a>,
and the <i title="">origin</i> being the same as the
<a href=#origin>origin</a> used in the original request triggered by the
<code title=dom-EventSource><a href=#dom-eventsource>EventSource()</a></code>
constructor<!--, and the <i>default origin behaviour</i> set to
<i>fail</i> (though it has no effect in the "Use Credentials"
mode)-->, and process the resource obtained in this fashion, if
any, as described earlier in this section.</li>
the <i>mode</i><!--, the <i>default origin behaviour</i>,--> and
the <i title="">origin</i> being the same as those used in the
original request triggered by the <code title=dom-EventSource><a href=#dom-eventsource>EventSource()</a></code> constructor, and
process the resource obtained in this fashion, if any, as
described earlier in this section.</li>

</ol></li>

23 index
@@ -240,7 +240,7 @@

<header class=head id=head><p><a class=logo href=http://www.whatwg.org/><img alt=WHATWG height=101 src=/images/logo width=101></a></p>
<hgroup><h1 class=allcaps>HTML</h1>
<h2 class="no-num no-toc">Living Standard &mdash; Last Updated 28 November 2011</h2>
<h2 class="no-num no-toc">Living Standard &mdash; Last Updated 2 December 2011</h2>
</hgroup><dl><dt><strong>Web developer edition:</strong></dt>
<dd><strong><a href=http://developers.whatwg.org/>http://developers.whatwg.org/</a></strong></dd>
<dt>Multiple-page version:</dt>
@@ -76297,15 +76297,17 @@ dictionary <dfn id=eventsourceinit>EventSourceInit</dfn> {
<li><p>Return the new <code><a href=#eventsource>EventSource</a></code> object, and continue
these steps in the background (without blocking scripts).</li>

<li>
<li><!-- if you change this, don't forget to update the
reconnecting fetch lower down as well! -->

<p>Do a <a href=#potentially-cors-enabled-fetch>potentially CORS-enabled fetch</a> of the
resulting <a href=#absolute-url>absolute URL</a>, with the <i>mode</i> being
<var title="">CORS mode</var>, and the <i title="">origin</i>
being the <a href=#entry-script>entry script</a>'s <a href=#origin>origin</a><!--, and
the <i>default origin behaviour</i> set to <i>fail</i> (though it
has no effect in the "Use Credentials" mode)-->, and process the
resource obtained in this fashion, if any, as described below.</p>
has no effect in the "Anonymous" and "Use Credentials" modes)-->,
and process the resource obtained in this fashion, if any, as
described below.</p>

<p class=note>The definition of the <a href=#fetch title=fetch>fetching</a> algorithm (which is used by CORS) is
such that if the browser is already fetching the resource
@@ -76514,14 +76516,11 @@ dictionary <dfn id=eventsourceinit>EventSourceInit</dfn> {

<li><p>Perform a <a href=#potentially-cors-enabled-fetch>potentially CORS-enabled fetch</a> of
the <a href=#absolute-url>absolute URL</a> of the event source resource, with
the <i>mode</i> being <a href=#attr-crossorigin-use-credentials title=attr-crossorigin-use-credentials>Use Credentials</a>,
and the <i title="">origin</i> being the same as the
<a href=#origin>origin</a> used in the original request triggered by the
<code title=dom-EventSource><a href=#dom-eventsource>EventSource()</a></code>
constructor<!--, and the <i>default origin behaviour</i> set to
<i>fail</i> (though it has no effect in the "Use Credentials"
mode)-->, and process the resource obtained in this fashion, if
any, as described earlier in this section.</li>
the <i>mode</i><!--, the <i>default origin behaviour</i>,--> and
the <i title="">origin</i> being the same as those used in the
original request triggered by the <code title=dom-EventSource><a href=#dom-eventsource>EventSource()</a></code> constructor, and
process the resource obtained in this fashion, if any, as
described earlier in this section.</li>

</ol></li>

23 source
@@ -88449,15 +88449,17 @@ dictionary <dfn>EventSourceInit</dfn> {
<li><p>Return the new <code>EventSource</code> object, and continue
these steps in the background (without blocking scripts).</p></li>

<li>
<li><!-- if you change this, don't forget to update the
reconnecting fetch lower down as well! -->

<p>Do a <span>potentially CORS-enabled fetch</span> of the
resulting <span>absolute URL</span>, with the <i>mode</i> being
<var title="">CORS mode</var>, and the <i title="">origin</i>
being the <span>entry script</span>'s <span>origin</span><!--, and
the <i>default origin behaviour</i> set to <i>fail</i> (though it
has no effect in the "Use Credentials" mode)-->, and process the
resource obtained in this fashion, if any, as described below.</p>
has no effect in the "Anonymous" and "Use Credentials" modes)-->,
and process the resource obtained in this fashion, if any, as
described below.</p>

<p class="note">The definition of the <span
title="fetch">fetching</span> algorithm (which is used by CORS) is
@@ -88722,15 +88724,12 @@ dictionary <dfn>EventSourceInit</dfn> {

<li><p>Perform a <span>potentially CORS-enabled fetch</span> of
the <span>absolute URL</span> of the event source resource, with
the <i>mode</i> being <span
title="attr-crossorigin-use-credentials">Use Credentials</span>,
and the <i title="">origin</i> being the same as the
<span>origin</span> used in the original request triggered by the
<code title="dom-EventSource">EventSource()</code>
constructor<!--, and the <i>default origin behaviour</i> set to
<i>fail</i> (though it has no effect in the "Use Credentials"
mode)-->, and process the resource obtained in this fashion, if
any, as described earlier in this section.</p></li>
the <i>mode</i><!--, the <i>default origin behaviour</i>,--> and
the <i title="">origin</i> being the same as those used in the
original request triggered by the <code
title="dom-EventSource">EventSource()</code> constructor, and
process the resource obtained in this fashion, if any, as
described earlier in this section.</p></li>

</ol>

0 comments on commit 5e8f7a9

Please sign in to comment.