Skip to content

Commit

Permalink
Revisit request's destination for embed/frame/iframe/object
Browse files Browse the repository at this point in the history 
As discussed in w3c/webappsec-fetch-metadata#45, this splits the "document" destination into "document", "frame", and "iframe". These destinations distinguish top-level navigation from nested navigation, and exposing this data via `Sec-Fetch-Dest` will allow developers to better understand the nature of a request.

This patch also redefines "navigation request" and "non-subresource request" to include "embed" and "object" destinations as discussed at #948 (comment). That discussion also resulted in other changes:

* whatwg/html#4976
* w3c/ServiceWorker#1486

Tests:

* https://github.com/web-platform-tests/wpt/blob/master/fetch/metadata/embed.tentative.https.sub.html
* https://github.com/web-platform-tests/wpt/blob/master/fetch/metadata/object.tentative.https.sub.html
* https://github.com/web-platform-tests/wpt/blob/master/fetch/metadata/iframe.tentative.https.sub.html
* https://github.com/web-platform-tests/wpt/blob/master/fetch/metadata/navigation.tentative.https.sub.html
* https://github.com/web-platform-tests/wpt/blob/master/service-workers/service-worker/embed-and-object-are-not-intercepted.https.html
  • Loading branch information
@mikewest
mikewest authored Jun 5, 2020
1 parent 9ac2b5b commit 57305b8
Showing 1 changed file with 23 additions and 20 deletions.
43 changes: 23 additions & 20 deletions fetch.bs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1185,6 +1185,8 @@ the empty string,
"<code>document</code>",
"<code>embed</code>",
"<code>font</code>",
"<code>frame</code>",
"<code>iframe</code>",
"<code>image</code>",
"<code>manifest</code>",
"<code>object</code>",
Expand Down Expand Up @@ -1228,17 +1230,21 @@ not always relevant and might require different behavior.
<th>CSP directive
<th>Features
<tr>
<td rowspan=18>""
<td rowspan=19>""
<td>"<code>report</code>"
<td rowspan=2>&mdash;
<td>CSP, NEL reports.
<tr>
<td>"<code>document</code>"
<td>HTML's navigate algorithm.
<td>HTML's navigate algorithm (top-level only).
<tr>
<td>"<code>document</code>"
<td>"<code>frame</code>"
<td><code>child-src</code>
<td>HTML's <code>&lt;frame></code>
<tr>
<td>"<code>iframe</code>"
<td><code>child-src</code>
<td>HTML's <code>&lt;iframe></code> and <code>&lt;frame></code>
<td>HTML's <code>&lt;iframe></code>
<tr>
<td>""
<td><code>connect-src</code>
Expand Down Expand Up @@ -1604,19 +1610,15 @@ whose <a for=request>destination</a> is "<code>audio</code>", "<code>audioworkle
"<code>script</code>", "<code>style</code>", "<code>track</code>", "<code>video</code>",
"<code>xslt</code>", or the empty string.

<p>A <dfn export>potential-navigation-or-subresource request</dfn> is a
<a for=/>request</a> whose
<a for=request>destination</a> is
"<code>object</code>" or "<code>embed</code>".

<p>A <dfn export>non-subresource request</dfn> is a <a for=/>request</a>
whose <a for=request>destination</a> is "<code>document</code>",
"<code>report</code>", "<code>serviceworker</code>", "<code>sharedworker</code>",
or "<code>worker</code>".
whose <a for=request>destination</a> is "<code>document</code>", "<code>embed</code>",
"<code>frame</code>", "<code>iframe</code>", "<code>object</code>", "<code>report</code>",
"<code>serviceworker</code>", "<code>sharedworker</code>", or "<code>worker</code>".

<p>A <dfn export>navigation request</dfn> is a <a for=/>request</a> whose
<a for=request>destination</a> is
"<code>document</code>".
"<code>document</code>", "<code>embed</code>", "<code>frame</code>", "<code>iframe</code>",
or "<code>object</code>".

<p class=note>See <a for=/>handle fetch</a> for usage of these terms.
[[!SW]]
Expand Down Expand Up @@ -3262,16 +3264,17 @@ the request.
<ol>
<li><p>Let <var>value</var> be `<code>*/*</code>`.

<li><p>If <var>request</var> is a <a>navigation request</a>, a user agent should set
<var>value</var> to
`<code>text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8</code>`.

<li>
<p>Otherwise, a user agent should set <var>value</var> to the first matching statement, if
any, switching on <var>request</var>'s <a for=request>destination</a>:
<p>A user agent should set <var>value</var> to the first matching statement, if any, switching
on <var>request</var>'s <a for=request>destination</a>:
<!-- https://github.com/whatwg/fetch/issues/43#issuecomment-97909717 -->

<dl class=switch>
<dt>"<code>document</code>"
<dt>"<code>frame</code>"
<dt>"<code>iframe</code>"
<dd>`<code>text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8</code>`

<dt>"<code>image</code>"
<dd>`<code>image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5</code>`

Expand Down Expand Up @@ -5823,7 +5826,7 @@ dictionary RequestInit {
any window; // can only be set to null
};

enum RequestDestination { "", "audio", "audioworklet", "document", "embed", "font", "image", "manifest", "object", "paintworklet", "report", "script", "sharedworker", "style", "track", "video", "worker", "xslt" };
enum RequestDestination { "", "audio", "audioworklet", "document", "embed", "font", "frame", "iframe", "image", "manifest", "object", "paintworklet", "report", "script", "sharedworker", "style", "track", "video", "worker", "xslt" };
enum RequestMode { "navigate", "same-origin", "no-cors", "cors" };
enum RequestCredentials { "omit", "same-origin", "include" };
enum RequestCache { "default", "no-store", "reload", "no-cache", "force-cache", "only-if-cached" };
Expand Down

0 comments on commit 57305b8

Please sign in to comment.