Skip to content
Permalink
Browse files

[giow] (0) CORS-enable EventSource, for cross-site event streams

git-svn-id: http://svn.whatwg.org/webapps@6255 340c8d12-0b0e-0410-8428-c7bf67bfef74
  • Loading branch information...
Hixie committed Jun 17, 2011
1 parent e433aeb commit b2f9fbcc54d65571b314db838c75fc69e8a10341
Showing with 55 additions and 32 deletions.
  1. +28 −16 complete.html
  2. +27 −16 source

<li>

<p><a href=#fetch>Fetch</a> the resource identified by the resulting
<a href=#absolute-url>absolute URL</a>, from the <a href=#entry-script>entry script</a>'s
<a href=#origin>origin</a>, with the <i>force same-origin flag</i> set,
and process it as described below.</p> <!-- not http-origin
privacy sensitive (looking forward to CORS) -->

<p class=note>The definition of the <a href=#fetch title=fetch>fetching</a> algorithm is such that if the
browser is already fetching the resource identified by the given
<a href=#absolute-url>absolute URL</a>, that connection can be reused, instead
of a new connection being established. All messages received up to
this point are dispatched immediately, in this case.</p>
<p>Do a <a href=#potentially-cors-enabled-fetch>potentially CORS-enabled fetch</a> of the
resulting <a href=#absolute-url>absolute URL</a>, with the <i>mode</i> being
<a href=#attr-crossorigin-use-credentials title=attr-crossorigin-use-credentials>Use
Credentials</a>, and the <i><a href=#origin>origin</a></i> being the <a href=#entry-script>entry
script</a>'s <a href=#origin>origin</a><!--, and the <i>default origin
behaviour</i> set to <i>fail</i> (though it has no effect in the
"Use Credentials" mode)-->, and process the resource obtained in
this fashion, if any, as described below.</p>

<p class=note>The definition of the <a href=#fetch title=fetch>fetching</a> algorithm (which is used by CORS) is
such that if the browser is already fetching the resource
identified by the given <a href=#absolute-url>absolute URL</a>, that connection
can be reused, instead of a new connection being established. All
messages received up to this point are dispatched immediately, in
this case.</p>

</li>

other subresource.</p>

<p>HTTP 301 Moved Permanently, HTTP 302 Found, 303 See Other, and
307 Temporary Redirect responses are handled by the <a href=#fetch title=fetch>fetching</a> algorithm. In the case of 301
redirects, the user agent must also remember the new URL so that
307 Temporary Redirect responses are handled by the <a href=#fetch title=fetch>fetching</a> and CORS algorithms. In the case of
301 redirects, the user agent must also remember the new URL so that
subsequent requests for this resource for this
<code><a href=#eventsource>EventSource</a></code> object start with the URL given for the
last 301 seen for requests for this object.</p>
<code title=event-error>error</code> at the
<code><a href=#eventsource>EventSource</a></code> object, and then, after a delay equal to
the reconnection time of the event source, if the <code title=dom-EventSource-readyState><a href=#dom-eventsource-readystate>readyState</a></code> attribute is
still set to <code title=dom-EventSource-CONNECTING><a href=#dom-eventsource-connecting>CONNECTING</a></code>,
<a href=#fetch>fetch</a> the event source resource again from the same
<a href=#origin>origin</a> as the original request triggered by the <code title=dom-EventSource><a href=#dom-eventsource>EventSource()</a></code> constructor.</p>
still set to <code title=dom-EventSource-CONNECTING><a href=#dom-eventsource-connecting>CONNECTING</a></code>, once again do
a <a href=#potentially-cors-enabled-fetch>potentially CORS-enabled fetch</a> of the <a href=#absolute-url>absolute
URL</a> of the event source resource, with the <i>mode</i> being
<a href=#attr-crossorigin-use-credentials title=attr-crossorigin-use-credentials>Use
Credentials</a>, and the <i><a href=#origin>origin</a></i> being the same as the
<a href=#origin>origin</a> used in the original request triggered by the
<code title=dom-EventSource><a href=#dom-eventsource>EventSource()</a></code> constructor<!--,
and the <i>default origin behaviour</i> set to <i>fail</i> (though
it has no effect in the "Use Credentials" mode)-->, and process the
resource obtained in this fashion, if any, as described in this
section.</p>

<p>When a user agent is to <dfn id=fail-the-connection>fail the connection</dfn>, the user
agent must set the <code title=dom-EventSource-readyState><a href=#dom-eventsource-readystate>readyState</a></code> attribute to
43 source

<li>

<p><span>Fetch</span> the resource identified by the resulting
<span>absolute URL</span>, from the <span>entry script</span>'s
<span>origin</span>, with the <i>force same-origin flag</i> set,
and process it as described below.</p> <!-- not http-origin
privacy sensitive (looking forward to CORS) -->
<p>Do a <span>potentially CORS-enabled fetch</span> of the
resulting <span>absolute URL</span>, with the <i>mode</i> being
<span title="attr-crossorigin-use-credentials">Use
Credentials</span>, and the <i>origin</i> being the <span>entry
script</span>'s <span>origin</span><!--, and the <i>default origin
behaviour</i> set to <i>fail</i> (though it has no effect in the
"Use Credentials" mode)-->, and process the resource obtained in
this fashion, if any, as described below.</p>

<p class="note">The definition of the <span
title="fetch">fetching</span> algorithm is such that if the
browser is already fetching the resource identified by the given
<span>absolute URL</span>, that connection can be reused, instead
of a new connection being established. All messages received up to
this point are dispatched immediately, in this case.</p>
title="fetch">fetching</span> algorithm (which is used by CORS) is
such that if the browser is already fetching the resource
identified by the given <span>absolute URL</span>, that connection
can be reused, instead of a new connection being established. All
messages received up to this point are dispatched immediately, in
this case.</p>

</li>


<p>HTTP 301 Moved Permanently, HTTP 302 Found, 303 See Other, and
307 Temporary Redirect responses are handled by the <span
title="fetch">fetching</span> algorithm. In the case of 301
redirects, the user agent must also remember the new URL so that
title="fetch">fetching</span> and CORS algorithms. In the case of
301 redirects, the user agent must also remember the new URL so that
subsequent requests for this resource for this
<code>EventSource</code> object start with the URL given for the
last 301 seen for requests for this object.</p>
the reconnection time of the event source, if the <code
title="dom-EventSource-readyState">readyState</code> attribute is
still set to <code
title="dom-EventSource-CONNECTING">CONNECTING</code>,
<span>fetch</span> the event source resource again from the same
<span>origin</span> as the original request triggered by the <code
title="dom-EventSource">EventSource()</code> constructor.</p>
title="dom-EventSource-CONNECTING">CONNECTING</code>, once again do
a <span>potentially CORS-enabled fetch</span> of the <span>absolute
URL</span> of the event source resource, with the <i>mode</i> being
<span title="attr-crossorigin-use-credentials">Use
Credentials</span>, and the <i>origin</i> being the same as the
<span>origin</span> used in the original request triggered by the
<code title="dom-EventSource">EventSource()</code> constructor<!--,
and the <i>default origin behaviour</i> set to <i>fail</i> (though
it has no effect in the "Use Credentials" mode)-->, and process the
resource obtained in this fashion, if any, as described in this
section.</p>

<p>When a user agent is to <dfn>fail the connection</dfn>, the user
agent must set the <code

0 comments on commit b2f9fbc

Please sign in to comment.
You can’t perform that action at this time.