Skip to content

Commit 3c0dd16

Browse files
antosartantosart
authored
Add policy container to request
This snapshots policies when a request is created in order to have them available (and be immutable) for the lifetime of the fetch algorithm. Together with w3c/webappsec-csp#494 this ends up fixing #832.
1 parent 208e271 commit 3c0dd16

File tree

1 file changed

+22
-0
lines changed

1 file changed

+22
-0
lines changed

fetch.bs

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1519,6 +1519,15 @@ user-agent-defined object). Unless otherwise stated it is null.
15191519
<a lt=fetch for=/>fetching</a>. It provides a convenient way for standards to not have to set
15201520
<a for=/>request</a>'s <a for=request>origin</a>.
15211521

1522+
<p>A <a for=/>request</a> has an associated
1523+
<dfn export for=request id=concept-request-policy-container>policy container</dfn>, which is
1524+
"<code>client</code>" or a <a for=/>policy container</a>. Unless stated otherwise it is
1525+
"<code>client</code>".
1526+
1527+
<p class=note>"<code>client</code>" is changed to a <a for=/>policy container</a> during
1528+
<a lt=fetch for=/>fetching</a>. It provides a convenient way for standards to not have to set
1529+
<a for=/>request</a>'s <a for=request>policy container</a>.
1530+
15221531
<p>A <a for=/>request</a> has an associated
15231532
<dfn export for=request id=concept-request-referrer>referrer</dfn>, which is
15241533
"<code>no-referrer</code>", "<code>client</code>", or a <a for=/>URL</a>. Unless stated otherwise it
@@ -3586,6 +3595,19 @@ the request.
35863595
<var>request</var>'s <a for=request>origin</a> to <var>request</var>'s <a for=request>client</a>'s
35873596
<a for="environment settings object">origin</a>.
35883597

3598+
<li>
3599+
<p>If <var>request</var>'s <a for=request>policy container</a> is "<code>client</code>", then:
3600+
3601+
<ol>
3602+
<li><p>If <var>request</var>'s <a for=request>client</a> is non-null, then set
3603+
<var>request</var>'s <a for=request>policy container</a> to a
3604+
<a lt="clone a policy container">clone</a> of <var>request</var>'s <a for=request>client</a>'s
3605+
<a for="environment settings object">policy container</a>. [[!HTML]]
3606+
3607+
<li><p>Otherwise, set <var>request</var>'s <a for=request>policy container</a> to a new
3608+
<a for=/>policy container</a>.
3609+
</ol>
3610+
35893611
<li>
35903612
<p>If <var>request</var>'s <a for=request>header list</a>
35913613
<a for="header list">does not contain</a> `<code>Accept</code>`, then:

0 commit comments

Comments
 (0)