CREDENTIAL: Clean up non-normative opaque FormData text.

mikewest · mikewest · commit e385c5151df7 · 2015-09-02T13:36:31.000+02:00
diff --git a/specs/credentialmanagement/index.html b/specs/credentialmanagement/index.html
@@ -1491,48 +1491,9 @@ <h3 class="heading settled" data-level="3.3" id="opaque-formdata"><span class="s
      
     
      <li>
-      Whenever the user agent would <a data-link-type="dfn" href="https://xhr.spec.whatwg.org/#concept-fetchbodyinit-extract">extract a byte stream and
-      <code>Content-Type</code></a> from an opaque <code class="idl"><a data-link-type="idl" href="https://xhr.spec.whatwg.org/#interface-formdata">FormData</a></code> object
-      <var>formdata</var>, first the following steps:
-
-      
-      <ol>
-        
-       <li>
-          If the extraction algorithm is not being executed in the context of
-          either <code class="idl"><a data-link-type="idl" href="https://xhr.spec.whatwg.org/#interface-xmlhttprequest">XMLHttpRequest</a></code>'s <code class="idl"><a data-link-type="idl" href="https://xhr.spec.whatwg.org/#dom-xmlhttprequest-send">send()</a></code> method, or
-          Fetch’s <code class="idl"><a data-link-type="idl" href="https://fetch.spec.whatwg.org/#dom-request">Request()</a></code> or <code class="idl"><a data-link-type="idl" href="https://fetch.spec.whatwg.org/#dom-response">Response()</a></code> constructors, then:
-
-          
-        <ol>
-            
-         <li>
-              Abort the extraction algorithm and return the result of executing
-              the <a data-link-type="dfn" href="https://xhr.spec.whatwg.org/#concept-fetchbodyinit-extract">extract a byte stream and
-              <code>Content-Type</code></a> algorithm on a new (empty)
-              <code class="idl"><a data-link-type="idl" href="https://xhr.spec.whatwg.org/#interface-formdata">FormData</a></code> object.
-            
-         
-          
-        </ol>
-        
-        
-       
-      
-      </ol>
-      
-    
-     
-    
-     <li>
-      TODO.
-
-
-      <p class="issue" id="issue-6636b845"><a class="self-link" href="#issue-6636b845"></a> Determine the right spec text to impart the following: When a request
-      is handed off to Fetch, mark it as opaque if its body is populated from an
-      opaque <code class="idl"><a data-link-type="idl" href="https://xhr.spec.whatwg.org/#interface-formdata">FormData</a></code> object, or if it is the result of a form submission with
-      opaque contents.</p>
-      
+      The opaqueness of a <code class="idl"><a data-link-type="idl" href="https://xhr.spec.whatwg.org/#interface-formdata">FormData</a></code> object taints <code class="idl"><a data-link-type="idl" href="https://fetch.spec.whatwg.org/#request">Request</a></code> objects
+      created from them. The <code class="idl"><a data-link-type="idl" href="https://fetch.spec.whatwg.org/#body">Body</a></code> accessor methods will reject with a
+      <code>TypeError</code>.
     
      
   
@@ -3411,8 +3372,8 @@ <h3 class="no-num heading settled" id="index-defined-elsewhere"><span class="con
    <li><a data-link-type="biblio" href="#biblio-fetch">[FETCH]</a> defines the following terms:
     <ul>
      <li><a href="https://fetch.spec.whatwg.org/#body">Body</a>
+     <li><a href="https://fetch.spec.whatwg.org/#request">Request</a>
      <li><a href="https://fetch.spec.whatwg.org/#dom-request">Request()</a>
-     <li><a href="https://fetch.spec.whatwg.org/#dom-response">Response()</a>
      <li><a href="https://fetch.spec.whatwg.org/#dom-Body-arrayBuffer">arrayBuffer()</a>
      <li><a href="https://fetch.spec.whatwg.org/#dom-Body-blob">blob()</a>
      <li><a href="https://fetch.spec.whatwg.org/#concept-Body-consume-body">consume body</a>
@@ -3606,10 +3567,6 @@ <h2 class="no-num heading settled" id="issues-index"><span class="content">Issue
    <div class="issue"> We should support explicit sign-up via
   <code class="idl"><a data-link-type="idl" href="#passwordcredential">PasswordCredential</a></code>s with generated passwords. Perhaps something similar to
   iOS8’s <code>SecCreateSharedWebCredentialPassword</code>. <a href="https://github.com/w3c/webappsec/issues/250">&lt;https://github.com/w3c/webappsec/issues/250></a><a href="#issue-74489b21"> ↵ </a></div>
-   <div class="issue"> Determine the right spec text to impart the following: When a request
-      is handed off to Fetch, mark it as opaque if its body is populated from an
-      opaque <code class="idl"><a data-link-type="idl" href="https://xhr.spec.whatwg.org/#interface-formdata">FormData</a></code> object, or if it is the result of a form submission with
-      opaque contents.<a href="#issue-6636b845"> ↵ </a></div>
    <div class="issue"> Monkey-patching! Hooray! Talk with Anne, et al.<a href="#issue-020f94b2"> ↵ </a></div>
    <div class="issue"> Currently, we’re not protecting requests with opaque bodies from
   Service Worker interception. Should we?<a href="#issue-be0db764"> ↵ </a></div>
diff --git a/specs/credentialmanagement/index.src.html b/specs/credentialmanagement/index.src.html
@@ -931,34 +931,9 @@ <h3 id="opaque-formdata">Opaque <code>FormData</code> objects</h3>
       {{FormData/getAll()}} method, it MUST return the empty sequence.
     </li>
     <li>
-      Whenever the user agent would <a lt="extract">extract a byte stream and
-      <code>Content-Type</code></a> from an opaque {{FormData}} object
-      <var>formdata</var>, first the following steps:
-
-      <ol>
-        <li>
-          If the extraction algorithm is not being executed in the context of
-          either {{XMLHttpRequest}}'s {{XMLHttpRequest/send()}} method, or
-          Fetch's {{Request()}} or {{Response()}} constructors, then:
-
-          <ol>
-            <li>
-              Abort the extraction algorithm and return the result of executing
-              the <a lt="extract">extract a byte stream and
-              <code>Content-Type</code></a> algorithm on a new (empty)
-              {{FormData}} object.
-            </li>
-          </ol>
-        </li>
-      </ol>
-    </li>
-    <li>
-      TODO.
-
-      ISSUE: Determine the right spec text to impart the following: When a request
-      is handed off to Fetch, mark it as opaque if its body is populated from an
-      opaque {{FormData}} object, or if it is the result of a form submission with
-      opaque contents.
+      The opaqueness of a {{FormData}} object taints {{Request}} objects
+      created from them. The {{Body}} accessor methods will reject with a
+      <code>TypeError</code>.
     </li>
   </ol>
 
