You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@ricea asked in #144 that the analysis @jakearchibald made in #144 (comment) about range requests versus the same-origin policy really deserves to be detailed somewhere more officially.
That made me think that perhaps we should have a section detailing the same-origin policy and what it means for networking.
(There's also some other bits we do for security that are not strictly about the same-origin policy, e.g., https://fetch.spec.whatwg.org/#atomic-http-redirect-handling. I'm not sure how to fit those in. Perhaps leaving them standalone is fine.)
The text was updated successfully, but these errors were encountered:
That example note seems appropriate, though I'd have to review it in context. I think we definitely want to have notes/example in context as well. However, I also think having a general section at some point that outlines the overall model of thinking about the problem space can be helpful.
@ricea asked in #144 that the analysis @jakearchibald made in #144 (comment) about range requests versus the same-origin policy really deserves to be detailed somewhere more officially.
That made me think that perhaps we should have a section detailing the same-origin policy and what it means for networking.
The specification already has various bits through that talk about this, e.g., https://fetch.spec.whatwg.org/#cors-protocol-exceptions, but it might make sense to have something more general.
(There's also some other bits we do for security that are not strictly about the same-origin policy, e.g., https://fetch.spec.whatwg.org/#atomic-http-redirect-handling. I'm not sure how to fit those in. Perhaps leaving them standalone is fine.)
The text was updated successfully, but these errors were encountered: