Fix check of request initiator being "fetch" (#663)

SHA: efd28c1
Reason: push, by antosart

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

Author: antosart

index.html

@@ -7,7 +7,7 @@
   <link href="https://www.w3.org/StyleSheets/TR/2021/W3C-WD" rel="stylesheet">
   <meta content="Bikeshed version 82ce88815, updated Thu Sep 7 16:33:55 2023 -0700" name="generator">
   <link href="https://www.w3.org/TR/CSP3/" rel="canonical">
-  <meta content="ce17e1058fd63fd0b03d114951b9aaaf3f24c767" name="document-revision">
+  <meta content="efd28c1d9f9a98298c59dddacfc7b9d1b3c43c2f" name="document-revision">
 <style>
   ul.toc ul ul ul {
     margin: 0 0 0 2em;
@@ -702,13 +702,13 @@
   <div class="head">
    <p data-fill-with="logo"><a class="logo" href="https://www.w3.org/"> <img alt="W3C" height="48" src="https://www.w3.org/StyleSheets/TR/2021/logos/W3C" width="72"> </a> </p>
    <h1>Content Security Policy Level 3</h1>
-   <p id="w3c-state"><a href="https://www.w3.org/standards/types#WD">W3C Working Draft</a>, <time class="dt-updated" datetime="2024-09-09">9 September 2024</time></p>
+   <p id="w3c-state"><a href="https://www.w3.org/standards/types#WD">W3C Working Draft</a>, <time class="dt-updated" datetime="2024-10-14">14 October 2024</time></p>
    <details open>
     <summary>More details about this document</summary>
     <div data-fill-with="spec-metadata">
      <dl>
       <dt>This version:
-      <dd><a class="u-url" href="https://www.w3.org/TR/2024/WD-CSP3-20240909/">https://www.w3.org/TR/2024/WD-CSP3-20240909/</a>
+      <dd><a class="u-url" href="https://www.w3.org/TR/2024/WD-CSP3-20241014/">https://www.w3.org/TR/2024/WD-CSP3-20241014/</a>
       <dt>Latest published version:
       <dd><a href="https://www.w3.org/TR/CSP3/">https://www.w3.org/TR/CSP3/</a>
       <dt>Editor's Draft:
@@ -4282,11 +4282,15 @@ <h4 class="heading settled algorithm" data-algorithm="Get the effective directiv
       <p>If <var>request</var>’s <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-request-initiator" id="ref-for-concept-request-initiator②">initiator</a> is "<code>prefetch</code>" or "<code>prerender</code>",
   return <code>default-src</code>.</p>
      <li data-md>
-      <p>If <var>request</var>’s <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-request-initiator" id="ref-for-concept-request-initiator③">initiator</a> is "<code>fetch</code>" or its <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-request-destination" id="ref-for-concept-request-destination⑥">destination</a> is "", return <code>connect-src</code>.</p>
-     <li data-md>
-      <p>Switch on <var>request</var>’s <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-request-destination" id="ref-for-concept-request-destination⑦">destination</a>, and execute
+      <p>Switch on <var>request</var>’s <a data-link-type="dfn" href="https://fetch.spec.whatwg.org/#concept-request-destination" id="ref-for-concept-request-destination⑥">destination</a>, and execute
   the associated steps:</p>
       <dl>
+       <dt data-md>the empty string
+       <dd data-md>
+        <ol>
+         <li data-md>
+          <p>Return <code>connect-src</code>.</p>
+        </ol>
        <dt data-md>"<code>manifest</code>"
        <dd data-md>
         <ol>
@@ -5645,18 +5649,18 @@ <h3 class="no-num no-ref heading settled" id="normative"><span class="content">N
    <dt id="biblio-sri">[SRI]
    <dd>Devdatta Akhawe; et al. <a href="https://www.w3.org/TR/SRI/"><cite>Subresource Integrity</cite></a>. 23 June 2016. REC. URL: <a href="https://www.w3.org/TR/SRI/">https://www.w3.org/TR/SRI/</a>
    <dt id="biblio-trusted-types">[TRUSTED-TYPES]
-   <dd>Krzysztof Kotowicz. <a href="https://www.w3.org/TR/trusted-types/"><cite>Trusted Types</cite></a>. 18 July 2024. WD. URL: <a href="https://www.w3.org/TR/trusted-types/">https://www.w3.org/TR/trusted-types/</a>
+   <dd>Krzysztof Kotowicz. <a href="https://www.w3.org/TR/trusted-types/"><cite>Trusted Types</cite></a>. 10 September 2024. WD. URL: <a href="https://www.w3.org/TR/trusted-types/">https://www.w3.org/TR/trusted-types/</a>
    <dt id="biblio-url">[URL]
    <dd>Anne van Kesteren. <a href="https://url.spec.whatwg.org/"><cite>URL Standard</cite></a>. Living Standard. URL: <a href="https://url.spec.whatwg.org/">https://url.spec.whatwg.org/</a>
    <dt id="biblio-webidl">[WEBIDL]
    <dd>Edgar Chen; Timothy Gu. <a href="https://webidl.spec.whatwg.org/"><cite>Web IDL Standard</cite></a>. Living Standard. URL: <a href="https://webidl.spec.whatwg.org/">https://webidl.spec.whatwg.org/</a>
    <dt id="biblio-webrtc">[WEBRTC]
-   <dd>Cullen Jennings; et al. <a href="https://www.w3.org/TR/webrtc/"><cite>WebRTC: Real-Time Communication in Browsers</cite></a>. 6 March 2023. REC. URL: <a href="https://www.w3.org/TR/webrtc/">https://www.w3.org/TR/webrtc/</a>
+   <dd>Cullen Jennings; et al. <a href="https://www.w3.org/TR/webrtc/"><cite>WebRTC: Real-Time Communication in Browsers</cite></a>. 8 October 2024. REC. URL: <a href="https://www.w3.org/TR/webrtc/">https://www.w3.org/TR/webrtc/</a>
   </dl>
   <h3 class="no-num no-ref heading settled" id="informative"><span class="content">Informative References</span><a class="self-link" href="#informative"></a></h3>
   <dl>
    <dt id="biblio-appmanifest">[APPMANIFEST]
-   <dd>Marcos Caceres; et al. <a href="https://www.w3.org/TR/appmanifest/"><cite>Web Application Manifest</cite></a>. 5 September 2024. WD. URL: <a href="https://www.w3.org/TR/appmanifest/">https://www.w3.org/TR/appmanifest/</a>
+   <dd>Marcos Caceres; et al. <a href="https://www.w3.org/TR/appmanifest/"><cite>Web Application Manifest</cite></a>. 11 October 2024. WD. URL: <a href="https://www.w3.org/TR/appmanifest/">https://www.w3.org/TR/appmanifest/</a>
    <dt id="biblio-beacon">[BEACON]
    <dd>Ilya Grigorik; Alois Reitbauer. <a href="https://www.w3.org/TR/beacon/"><cite>Beacon</cite></a>. 3 August 2022. CR. URL: <a href="https://www.w3.org/TR/beacon/">https://www.w3.org/TR/beacon/</a>
    <dt id="biblio-csp2">[CSP2]
@@ -6107,13 +6111,13 @@ <h2 class="no-num no-ref heading settled" id="issues-index"><span class="content
 window.dfnpanelData['902380f7'] = {"dfnID": "902380f7", "url": "https://fetch.spec.whatwg.org/#concept-request-credentials-mode", "dfnText": "credentials mode", "refSections": [{"refs": [{"id": "ref-for-concept-request-credentials-mode"}], "title": "5.5. \n    Report a violation\n  "}], "external": true};
 window.dfnpanelData['784f01de'] = {"dfnID": "784f01de", "url": "https://fetch.spec.whatwg.org/#concept-request-nonce-metadata", "dfnText": "cryptographic nonce metadata", "refSections": [{"refs": [{"id": "ref-for-concept-request-nonce-metadata"}], "title": "4.2. \n    Integration with HTML\n  "}, {"refs": [{"id": "ref-for-concept-request-nonce-metadata\u2460"}], "title": "6.1.13.1. \n    style-src Pre-request Check\n  "}, {"refs": [{"id": "ref-for-concept-request-nonce-metadata\u2461"}], "title": "6.1.13.2. \n    style-src Post-request Check\n  "}, {"refs": [{"id": "ref-for-concept-request-nonce-metadata\u2462"}], "title": "6.1.14.1. \n    style-src-elem Pre-request Check\n  "}, {"refs": [{"id": "ref-for-concept-request-nonce-metadata\u2463"}], "title": "6.1.14.2. \n    style-src-elem Post-request Check\n  "}, {"refs": [{"id": "ref-for-concept-request-nonce-metadata\u2464"}], "title": "6.7.1.1. \n    Script directives pre-request check\n  "}, {"refs": [{"id": "ref-for-concept-request-nonce-metadata\u2465"}], "title": "6.7.1.2. \n    Script directives post-request check\n  "}, {"refs": [{"id": "ref-for-concept-request-nonce-metadata\u2466"}], "title": "6.7.2.3. \n    Does nonce match source list?\n  "}], "external": true};
 window.dfnpanelData['3f2ca4de'] = {"dfnID": "3f2ca4de", "url": "https://fetch.spec.whatwg.org/#concept-request-current-url", "dfnText": "current url", "refSections": [{"refs": [{"id": "ref-for-concept-request-current-url"}], "title": "2.4.2. \n    Create a violation object for request, and policy.\n  "}, {"refs": [{"id": "ref-for-concept-request-current-url\u2460"}, {"id": "ref-for-concept-request-current-url\u2461"}], "title": "4.2.4. \n    Should navigation request of type be blocked\n    by Content Security Policy?\n  "}, {"refs": [{"id": "ref-for-concept-request-current-url\u2462"}], "title": "6.7.2.5. \n    Does request match source list?\n  "}], "external": true};
-window.dfnpanelData['3ae34c95'] = {"dfnID": "3ae34c95", "url": "https://fetch.spec.whatwg.org/#concept-request-destination", "dfnText": "destination", "refSections": [{"refs": [{"id": "ref-for-concept-request-destination"}], "title": "5.5. \n    Report a violation\n  "}, {"refs": [{"id": "ref-for-concept-request-destination\u2460"}, {"id": "ref-for-concept-request-destination\u2461"}], "title": "6.1.1. child-src"}, {"refs": [{"id": "ref-for-concept-request-destination\u2462"}], "title": "6.1.6. img-src"}, {"refs": [{"id": "ref-for-concept-request-destination\u2463"}], "title": "6.7.1.1. \n    Script directives pre-request check\n  "}, {"refs": [{"id": "ref-for-concept-request-destination\u2464"}], "title": "6.7.1.2. \n    Script directives post-request check\n  "}, {"refs": [{"id": "ref-for-concept-request-destination\u2465"}, {"id": "ref-for-concept-request-destination\u2466"}], "title": "6.8.1. \n    Get the effective directive for request\n  "}], "external": true};
+window.dfnpanelData['3ae34c95'] = {"dfnID": "3ae34c95", "url": "https://fetch.spec.whatwg.org/#concept-request-destination", "dfnText": "destination", "refSections": [{"refs": [{"id": "ref-for-concept-request-destination"}], "title": "5.5. \n    Report a violation\n  "}, {"refs": [{"id": "ref-for-concept-request-destination\u2460"}, {"id": "ref-for-concept-request-destination\u2461"}], "title": "6.1.1. child-src"}, {"refs": [{"id": "ref-for-concept-request-destination\u2462"}], "title": "6.1.6. img-src"}, {"refs": [{"id": "ref-for-concept-request-destination\u2463"}], "title": "6.7.1.1. \n    Script directives pre-request check\n  "}, {"refs": [{"id": "ref-for-concept-request-destination\u2464"}], "title": "6.7.1.2. \n    Script directives post-request check\n  "}, {"refs": [{"id": "ref-for-concept-request-destination\u2465"}], "title": "6.8.1. \n    Get the effective directive for request\n  "}], "external": true};
 window.dfnpanelData['3be1d4ac'] = {"dfnID": "3be1d4ac", "url": "https://fetch.spec.whatwg.org/#extract-header-list-values", "dfnText": "extracting header list values", "refSections": [{"refs": [{"id": "ref-for-extract-header-list-values"}, {"id": "ref-for-extract-header-list-values\u2460"}], "title": "2.2.3. \n    Parse response\u2019s Content Security Policies\n  "}], "external": true};
 window.dfnpanelData['a33db89a'] = {"dfnID": "a33db89a", "url": "https://fetch.spec.whatwg.org/#concept-fetch", "dfnText": "fetch", "refSections": [{"refs": [{"id": "ref-for-concept-fetch"}], "title": "5.5. \n    Report a violation\n  "}], "external": true};
 window.dfnpanelData['6ee0eab1'] = {"dfnID": "6ee0eab1", "url": "https://fetch.spec.whatwg.org/#concept-request-header-list", "dfnText": "header list (for request)", "refSections": [{"refs": [{"id": "ref-for-concept-request-header-list"}], "title": "5.5. \n    Report a violation\n  "}], "external": true};
 window.dfnpanelData['f7b00a8b'] = {"dfnID": "f7b00a8b", "url": "https://fetch.spec.whatwg.org/#concept-response-header-list", "dfnText": "header list (for response)", "refSections": [{"refs": [{"id": "ref-for-concept-response-header-list"}, {"id": "ref-for-concept-response-header-list\u2460"}], "title": "2.2.3. \n    Parse response\u2019s Content Security Policies\n  "}], "external": true};
 window.dfnpanelData['eb62573b'] = {"dfnID": "eb62573b", "url": "https://fetch.spec.whatwg.org/#http-scheme", "dfnText": "http(s) scheme", "refSections": [{"refs": [{"id": "ref-for-http-scheme"}, {"id": "ref-for-http-scheme\u2460"}], "title": "1.3. Changes from Level 2"}, {"refs": [{"id": "ref-for-http-scheme\u2461"}], "title": "5.4. Strip URL for use in reports"}, {"refs": [{"id": "ref-for-http-scheme\u2462"}, {"id": "ref-for-http-scheme\u2463"}], "title": "6.7.2.8. \n    Does url match expression in origin with redirect count?\n  "}], "external": true};
-window.dfnpanelData['fa4ea124'] = {"dfnID": "fa4ea124", "url": "https://fetch.spec.whatwg.org/#concept-request-initiator", "dfnText": "initiator", "refSections": [{"refs": [{"id": "ref-for-concept-request-initiator"}], "title": "5.5. \n    Report a violation\n  "}, {"refs": [{"id": "ref-for-concept-request-initiator\u2460"}], "title": "6.7.2.1. \n    Does request violate policy?\n  "}, {"refs": [{"id": "ref-for-concept-request-initiator\u2461"}, {"id": "ref-for-concept-request-initiator\u2462"}], "title": "6.8.1. \n    Get the effective directive for request\n  "}], "external": true};
+window.dfnpanelData['fa4ea124'] = {"dfnID": "fa4ea124", "url": "https://fetch.spec.whatwg.org/#concept-request-initiator", "dfnText": "initiator", "refSections": [{"refs": [{"id": "ref-for-concept-request-initiator"}], "title": "5.5. \n    Report a violation\n  "}, {"refs": [{"id": "ref-for-concept-request-initiator\u2460"}], "title": "6.7.2.1. \n    Does request violate policy?\n  "}, {"refs": [{"id": "ref-for-concept-request-initiator\u2461"}], "title": "6.8.1. \n    Get the effective directive for request\n  "}], "external": true};
 window.dfnpanelData['d79a826f'] = {"dfnID": "d79a826f", "url": "https://fetch.spec.whatwg.org/#concept-request-integrity-metadata", "dfnText": "integrity metadata", "refSections": [{"refs": [{"id": "ref-for-concept-request-integrity-metadata"}], "title": "6.7.1.1. \n    Script directives pre-request check\n  "}, {"refs": [{"id": "ref-for-concept-request-integrity-metadata\u2460"}], "title": "6.7.1.2. \n    Script directives post-request check\n  "}, {"refs": [{"id": "ref-for-concept-request-integrity-metadata\u2461"}], "title": "6.7.2.4. \n    Does integrity metadata match source list?\n  "}], "external": true};
 window.dfnpanelData['8f26de31'] = {"dfnID": "8f26de31", "url": "https://fetch.spec.whatwg.org/#is-local", "dfnText": "is local", "refSections": [{"refs": [{"id": "ref-for-is-local"}], "title": "6.4.2.1. \n    frame-ancestors Navigation Response Check\n  "}], "external": true};
 window.dfnpanelData['8394d1b7'] = {"dfnID": "8394d1b7", "url": "https://fetch.spec.whatwg.org/#request-keepalive-flag", "dfnText": "keepalive", "refSections": [{"refs": [{"id": "ref-for-request-keepalive-flag"}], "title": "5.5. \n    Report a violation\n  "}], "external": true};