Skip to content

Commit b281175

Browse files
antosartgithub-actions[bot]
antosart
and
github-actions[bot]
committed
[Editorial] Fix missing input param of match-response-source-list (#732)
SHA: 7092cef Reason: push, by antosart Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
1 parent e7d0257 commit b281175

File tree

1 file changed

+7
-7
lines changed

1 file changed

+7
-7
lines changed

index.html

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
<link href="https://www.w3.org/StyleSheets/TR/2021/W3C-WD" rel="stylesheet">
88
<meta content="Bikeshed version 9a7a6709a, updated Tue May 27 16:45:34 2025 -0700" name="generator">
99
<link href="https://www.w3.org/TR/CSP3/" rel="canonical">
10-
<meta content="2d2653df20b99b4304b46b203afba40c116d26e7" name="revision">
10+
<meta content="7092ceff14e8c70b60f43fb737b94adc0cf7beac" name="revision">
1111
<meta content="dark light" name="color-scheme">
1212
<link href="https://www.w3.org/StyleSheets/TR/2021/dark.css" media="(prefers-color-scheme: dark)" rel="stylesheet" type="text/css">
1313
<style>
@@ -771,13 +771,13 @@
771771
<div class="head">
772772
<p data-fill-with="logo"><a class="logo" href="https://www.w3.org/"> <img alt="W3C" height="48" src="https://www.w3.org/StyleSheets/TR/2021/logos/W3C" width="72"> </a> </p>
773773
<h1>Content Security Policy Level 3</h1>
774-
<p id="w3c-state"><a href="https://www.w3.org/standards/types/#WD">W3C Working Draft</a>, <time class="dt-updated" datetime="2025-05-30">30 May 2025</time></p>
774+
<p id="w3c-state"><a href="https://www.w3.org/standards/types/#WD">W3C Working Draft</a>, <time class="dt-updated" datetime="2025-06-02">2 June 2025</time></p>
775775
<details open>
776776
<summary>More details about this document</summary>
777777
<div data-fill-with="spec-metadata">
778778
<dl>
779779
<dt>This version:
780-
<dd><a class="u-url" href="https://www.w3.org/TR/2025/WD-CSP3-20250530/">https://www.w3.org/TR/2025/WD-CSP3-20250530/</a>
780+
<dd><a class="u-url" href="https://www.w3.org/TR/2025/WD-CSP3-20250602/">https://www.w3.org/TR/2025/WD-CSP3-20250602/</a>
781781
<dt>Latest published version:
782782
<dd><a href="https://www.w3.org/TR/CSP3/">https://www.w3.org/TR/CSP3/</a>
783783
<dt>Editor's Draft:
@@ -4065,9 +4065,9 @@ <h5 class="heading settled algorithm" data-algorithm="Does request match source
40654065
and a <a data-link-type="dfn" href="#content-security-policy-object" id="ref-for-content-security-policy-object⑦③">policy</a> <var>policy</var>, this algorithm returns the result of executing <a href="#match-url-to-source-list">§ 6.7.2.7 Does url match source list in origin with redirect count?</a> on <var>request</var>’s <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-request-current-url" id="ref-for-concept-request-current-url③">current url</a>, <var>source list</var>, <var>policy</var>’s <a data-link-type="dfn" href="#policy-self-origin" id="ref-for-policy-self-origin③">self-origin</a>, and <var>request</var>’s <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-request-redirect-count" id="ref-for-concept-request-redirect-count">redirect count</a>.</p>
40664066
<p class="note" role="note"><span class="marker">Note:</span> This is generally used in <a data-link-type="dfn" href="#directives" id="ref-for-directives③⑥">directives</a>' <a data-link-type="dfn" href="#directive-pre-request-check" id="ref-for-directive-pre-request-check①⑨">pre-request check</a> algorithms to verify that a given <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-request" id="ref-for-concept-request⑥①">request</a> is reasonable.</p>
40674067
<h5 class="heading settled algorithm" data-algorithm="Does response to request match source list?" data-level="6.7.2.6" id="match-response-to-source-list"><span class="secno">6.7.2.6. </span><span class="content"> Does <var>response</var> to <var>request</var> match <var>source list</var>? </span><a class="self-link" href="#match-response-to-source-list"></a></h5>
4068-
<p>Given a <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-request" id="ref-for-concept-request⑥②">request</a> <var>request</var>, and a <a data-link-type="dfn" href="#source-lists" id="ref-for-source-lists①⑥">source list</a> <var>source list</var>,
4069-
and a <a data-link-type="dfn" href="#content-security-policy-object" id="ref-for-content-security-policy-object⑦④">policy</a> <var>policy</var>, this algorithm returns the result of executing <a href="#match-url-to-source-list">§ 6.7.2.7 Does url match source list in origin with redirect count?</a> on <var>response</var>’s <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-response-url" id="ref-for-concept-response-url③">url</a>, <var>source list</var>, <var>policy</var>’s <a data-link-type="dfn" href="#policy-self-origin" id="ref-for-policy-self-origin④">self-origin</a>, and <var>request</var>’s <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-request-redirect-count" id="ref-for-concept-request-redirect-count①">redirect count</a>.</p>
4070-
<p class="note" role="note"><span class="marker">Note:</span> This is generally used in <a data-link-type="dfn" href="#directives" id="ref-for-directives③⑦">directives</a>' <a data-link-type="dfn" href="#directive-post-request-check" id="ref-for-directive-post-request-check②⓪">post-request check</a> algorithms to verify that a given <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-response" id="ref-for-concept-response②">response</a> is reasonable.</p>
4068+
<p>Given a <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-response" id="ref-for-concept-response②⑧">response</a> <var>response</var>, a <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-request" id="ref-for-concept-request⑥②">request</a> <var>request</var>, a <a data-link-type="dfn" href="#source-lists" id="ref-for-source-lists①⑥">source list</a> <var>source list</var>, and a <a data-link-type="dfn" href="#content-security-policy-object" id="ref-for-content-security-policy-object⑦④">policy</a> <var>policy</var>, this
4069+
algorithm returns the result of executing <a href="#match-url-to-source-list">§ 6.7.2.7 Does url match source list in origin with redirect count?</a> on <var>response</var>’s <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-response-url" id="ref-for-concept-response-url③">url</a>, <var>source list</var>, <var>policy</var>’s <a data-link-type="dfn" href="#policy-self-origin" id="ref-for-policy-self-origin④">self-origin</a>, and <var>request</var>’s <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-request-redirect-count" id="ref-for-concept-request-redirect-count①">redirect count</a>.</p>
4070+
<p class="note" role="note"><span class="marker">Note:</span> This is generally used in <a data-link-type="dfn" href="#directives" id="ref-for-directives③⑦">directives</a>' <a data-link-type="dfn" href="#directive-post-request-check" id="ref-for-directive-post-request-check②⓪">post-request check</a> algorithms to verify that a given <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-response" id="ref-for-concept-response②">response</a> is reasonable.</p>
40714071
<h5 class="heading settled algorithm" data-algorithm="Does url match source list in origin with redirect count?" data-level="6.7.2.7" id="match-url-to-source-list"><span class="secno">6.7.2.7. </span><span class="content"> Does <var>url</var> match <var>source list</var> in <var>origin</var> with <var>redirect count</var>? </span><a class="self-link" href="#match-url-to-source-list"></a></h5>
40724072
<p>Given a <code class="idl"><a data-link-type="idl" href="https://url.spec.whatwg.org/#url" id="ref-for-url⑨">URL</a></code> <var>url</var>, a <a data-link-type="dfn" href="#source-lists" id="ref-for-source-lists①⑦">source list</a> <var>source list</var>, an <a data-link-type="dfn" href="https://html.spec.whatwg.org/#concept-origin" id="ref-for-concept-origin①">origin</a> <var>origin</var>, and a number <var>redirect count</var>, this
40734073
algorithm returns "<code>Matches</code>" if the URL matches one or more source
@@ -6464,7 +6464,7 @@ <h2 class="no-num no-ref heading settled" id="issues-index"><span class="content
64646464
"eb62573b": {"dfnID":"eb62573b","dfnText":"HTTP(S) scheme","external":true,"refSections":[{"refs":[{"id":"ref-for-http-scheme"},{"id":"ref-for-http-scheme\u2460"}],"title":"1.3. Changes from Level 2"},{"refs":[{"id":"ref-for-http-scheme\u2461"}],"title":"5.4. Strip URL for use in reports"},{"refs":[{"id":"ref-for-http-scheme\u2462"},{"id":"ref-for-http-scheme\u2463"}],"title":"6.7.2.8. \n Does url match expression in origin with redirect count?\n "}],"url":"https://fetch.spec.whatwg.org/#http-scheme"},
64656465
"ed948033": {"dfnID":"ed948033","dfnText":"fragment","external":true,"refSections":[{"refs":[{"id":"ref-for-concept-url-fragment"}],"title":"5.4. Strip URL for use in reports"}],"url":"https://url.spec.whatwg.org/#concept-url-fragment"},
64666466
"ee1a333c": {"dfnID":"ee1a333c","dfnText":"parser metadata","external":true,"refSections":[{"refs":[{"id":"ref-for-concept-request-parser-metadata"}],"title":"4.2. \n Integration with HTML\n "},{"refs":[{"id":"ref-for-concept-request-parser-metadata\u2460"}],"title":"6.7.1.1. \n Script directives pre-request check\n "},{"refs":[{"id":"ref-for-concept-request-parser-metadata\u2461"}],"title":"6.7.1.2. \n Script directives post-request check\n "}],"url":"https://fetch.spec.whatwg.org/#concept-request-parser-metadata"},
6467-
"ee7bba09": {"dfnID":"ee7bba09","dfnText":"response","external":true,"refSections":[{"refs":[{"id":"ref-for-concept-response"}],"title":"2.2.2. \n Parse response\u2019s Content Security Policies\n "},{"refs":[{"id":"ref-for-concept-response\u2460"},{"id":"ref-for-concept-response\u2461"}],"title":"2.3. Directives"},{"refs":[{"id":"ref-for-concept-response\u2462"},{"id":"ref-for-concept-response\u2463"}],"title":"4.1. \n Integration with Fetch\n "},{"refs":[{"id":"ref-for-concept-response\u2464"}],"title":"4.1.3. \n Should response to request be blocked by Content Security Policy?\n "},{"refs":[{"id":"ref-for-concept-response\u2465"}],"title":"4.1.4. Potentially report hash"},{"refs":[{"id":"ref-for-concept-response\u2466"},{"id":"ref-for-concept-response\u2467"}],"title":"4.2. \n Integration with HTML\n "},{"refs":[{"id":"ref-for-concept-response\u2468"}],"title":"4.2.5. \n Should navigation response to navigation request of type\n in target be blocked by Content Security Policy?\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u24ea"}],"title":"6.1.1.2. \n child-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2460"}],"title":"6.1.2.2. \n connect-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2461"}],"title":"6.1.3.2. \n default-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2462"}],"title":"6.1.4.2. \n font-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2463"}],"title":"6.1.5.2. \n frame-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2464"}],"title":"6.1.6.2. \n img-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2465"}],"title":"6.1.7.2. \n manifest-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2466"}],"title":"6.1.8.2. \n media-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2467"}],"title":"6.1.9.2. \n object-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2468"}],"title":"6.1.10. script-src"},{"refs":[{"id":"ref-for-concept-response\u2461\u24ea"}],"title":"6.1.10.2. \n script-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2461\u2460"}],"title":"6.1.11.2. \n script-src-elem Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2461\u2461"}],"title":"6.1.13. style-src"},{"refs":[{"id":"ref-for-concept-response\u2461\u2462"}],"title":"6.1.13.2. \n style-src Post-request Check\n "},{"refs":[{"id":"ref-for-concept-response\u2461\u2463"}],"title":"6.1.14.2. \n style-src-elem Post-request Check\n "},{"refs":[{"id":"ref-for-concept-response\u2461\u2464"}],"title":"6.2.2.2. \n worker-src Post-request Check\n "},{"refs":[{"id":"ref-for-concept-response\u2461\u2465"}],"title":"6.4.2.1. \n frame-ancestors Navigation Response Check\n "},{"refs":[{"id":"ref-for-concept-response\u2461\u2466"}],"title":"6.7.1.2. \n Script directives post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2461\u2467"}],"title":"6.7.2.6. \n Does response to request match source list?\n "}],"url":"https://fetch.spec.whatwg.org/#concept-response"},
6467+
"ee7bba09": {"dfnID":"ee7bba09","dfnText":"response","external":true,"refSections":[{"refs":[{"id":"ref-for-concept-response"}],"title":"2.2.2. \n Parse response\u2019s Content Security Policies\n "},{"refs":[{"id":"ref-for-concept-response\u2460"},{"id":"ref-for-concept-response\u2461"}],"title":"2.3. Directives"},{"refs":[{"id":"ref-for-concept-response\u2462"},{"id":"ref-for-concept-response\u2463"}],"title":"4.1. \n Integration with Fetch\n "},{"refs":[{"id":"ref-for-concept-response\u2464"}],"title":"4.1.3. \n Should response to request be blocked by Content Security Policy?\n "},{"refs":[{"id":"ref-for-concept-response\u2465"}],"title":"4.1.4. Potentially report hash"},{"refs":[{"id":"ref-for-concept-response\u2466"},{"id":"ref-for-concept-response\u2467"}],"title":"4.2. \n Integration with HTML\n "},{"refs":[{"id":"ref-for-concept-response\u2468"}],"title":"4.2.5. \n Should navigation response to navigation request of type\n in target be blocked by Content Security Policy?\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u24ea"}],"title":"6.1.1.2. \n child-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2460"}],"title":"6.1.2.2. \n connect-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2461"}],"title":"6.1.3.2. \n default-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2462"}],"title":"6.1.4.2. \n font-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2463"}],"title":"6.1.5.2. \n frame-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2464"}],"title":"6.1.6.2. \n img-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2465"}],"title":"6.1.7.2. \n manifest-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2466"}],"title":"6.1.8.2. \n media-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2467"}],"title":"6.1.9.2. \n object-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2460\u2468"}],"title":"6.1.10. script-src"},{"refs":[{"id":"ref-for-concept-response\u2461\u24ea"}],"title":"6.1.10.2. \n script-src Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2461\u2460"}],"title":"6.1.11.2. \n script-src-elem Post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2461\u2461"}],"title":"6.1.13. style-src"},{"refs":[{"id":"ref-for-concept-response\u2461\u2462"}],"title":"6.1.13.2. \n style-src Post-request Check\n "},{"refs":[{"id":"ref-for-concept-response\u2461\u2463"}],"title":"6.1.14.2. \n style-src-elem Post-request Check\n "},{"refs":[{"id":"ref-for-concept-response\u2461\u2464"}],"title":"6.2.2.2. \n worker-src Post-request Check\n "},{"refs":[{"id":"ref-for-concept-response\u2461\u2465"}],"title":"6.4.2.1. \n frame-ancestors Navigation Response Check\n "},{"refs":[{"id":"ref-for-concept-response\u2461\u2466"}],"title":"6.7.1.2. \n Script directives post-request check\n "},{"refs":[{"id":"ref-for-concept-response\u2461\u2467"},{"id":"ref-for-concept-response\u2461\u2468"}],"title":"6.7.2.6. \n Does response to request match source list?\n "}],"url":"https://fetch.spec.whatwg.org/#concept-response"},
64686468
"efd1ec5d": {"dfnID":"efd1ec5d","dfnText":"object","external":true,"refSections":[{"refs":[{"id":"ref-for-idl-object"}],"title":"5. \n Reporting\n "}],"url":"https://webidl.spec.whatwg.org/#idl-object"},
64696469
"enforced": {"dfnID":"enforced","dfnText":"enforced","external":false,"refSections":[{"refs":[{"id":"ref-for-enforced"}],"title":"3.1. \n The Content-Security-Policy HTTP Response Header Field\n "},{"refs":[{"id":"ref-for-enforced\u2460"}],"title":"4.2. \n Integration with HTML\n "}],"url":"#enforced"},
64706470
"enumdef-securitypolicyviolationeventdisposition": {"dfnID":"enumdef-securitypolicyviolationeventdisposition","dfnText":"SecurityPolicyViolationEventDisposition","external":false,"refSections":[{"refs":[{"id":"ref-for-enumdef-securitypolicyviolationeventdisposition"}],"title":"5. \n Reporting\n "},{"refs":[{"id":"ref-for-enumdef-securitypolicyviolationeventdisposition\u2460"},{"id":"ref-for-enumdef-securitypolicyviolationeventdisposition\u2461"}],"title":"5.1. \n Violation DOM Events\n "}],"url":"#enumdef-securitypolicyviolationeventdisposition"},

0 commit comments

Comments
 (0)