Revisit navigation requests' destination.

As discussed in w3c/webappsec-fetch-metadata#45, this patch splits the `document` destination into `document`, `frame`, and `iframe`. These destinations distinguish top-level navigation from nested navigation, and exposing this data via `Sec-Fetch-Dest` will allow developers to better understand the nature of a request. This patch also redefines "navigation request" and "non-subresource request" to include `embed` and `object` destinations as a consequence of the conversation in [1], which will also change the `mode` of those requests from `no-cors` to `navigate` [2]. These changes are covered by WPT in //fetch/metadata, specifically [3], [4], [5], and [6]. [1]: #948 (comment) [2]: https://github.com/whatwg/html/pull/4976/files [3]: https://github.com/web-platform-tests/wpt/blob/master/fetch/metadata/embed.tentative.https.sub.html [4]: https://github.com/web-platform-tests/wpt/blob/master/fetch/metadata/object.tentative.https.sub.html [5]: https://github.com/web-platform-tests/wpt/blob/master/fetch/metadata/iframe.tentative.https.sub.html [6]: https://github.com/web-platform-tests/wpt/blob/master/fetch/metadata/navigation.tentative.https.sub.html
whatwg · Feb 14, 2020 · d91d0ea · d91d0ea
1 parent d5c3d8b
commit d91d0ea
Showing 1 changed file with 20 additions and 17 deletions.
diff --git a/fetch.bs b/fetch.bs
@@ -1185,6 +1185,8 @@ the empty string,
 "<code>document</code>",
 "<code>embed</code>",
 "<code>font</code>",
+"<code>frame</code>",
+"<code>iframe</code>",
 "<code>image</code>",
 "<code>manifest</code>",
 "<code>object</code>",
@@ -1228,17 +1230,21 @@ not always relevant and might require different behavior.
    <th>CSP directive
    <th>Features
   <tr>
-   <td rowspan=18>""
+   <td rowspan=19>""
    <td>"<code>report</code>"
    <td rowspan=2>&mdash;
    <td>CSP, NEL reports.
   <tr>
    <td>"<code>document</code>"
    <td>HTML's navigate algorithm.
   <tr>
-   <td>"<code>document</code>"
+   <td>"<code>frame</code>"
+   <td><code>child-src</code>
+   <td>HTML's <code>&lt;frame></code>
+  <tr>
+   <td>"<code>iframe</code>"
    <td><code>child-src</code>
-   <td>HTML's <code>&lt;iframe></code> and <code>&lt;frame></code>
+   <td>HTML's <code>&lt;iframe></code>
   <tr>
    <td>""
    <td><code>connect-src</code>
@@ -1604,19 +1610,15 @@ whose <a for=request>destination</a> is "<code>audio</code>", "<code>audioworkle
 "<code>script</code>", "<code>style</code>", "<code>track</code>", "<code>video</code>",
 "<code>xslt</code>", or the empty string.
 
-<p>A <dfn export>potential-navigation-or-subresource request</dfn> is a
-<a for=/>request</a> whose
-<a for=request>destination</a> is
-"<code>object</code>" or "<code>embed</code>".
-
 <p>A <dfn export>non-subresource request</dfn> is a <a for=/>request</a>
-whose <a for=request>destination</a> is "<code>document</code>",
-"<code>report</code>", "<code>serviceworker</code>", "<code>sharedworker</code>",
-or "<code>worker</code>".
+whose <a for=request>destination</a> is "<code>document</code>", "<code>embed</code>",
+"<code>frame</code>", "<code>iframe</code>", "<code>object</code>", "<code>report</code>",
+"<code>serviceworker</code>", "<code>sharedworker</code>", or "<code>worker</code>".
 
 <p>A <dfn export>navigation request</dfn> is a <a for=/>request</a> whose
 <a for=request>destination</a> is
-"<code>document</code>".
+"<code>document</code>", "<code>embed</code>", "<code>frame</code>", "<code>iframe</code>",
+or "<code>object</code>".
 
 <p class=note>See <a for=/>handle fetch</a> for usage of these terms.
 [[!SW]]
@@ -3240,16 +3242,17 @@ the request.
     <ol>
      <li><p>Let <var>value</var> be `<code>*/*</code>`.
 
-     <li><p>If <var>request</var> is a <a>navigation request</a>, a user agent should set
-     <var>value</var> to
-     `<code>text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8</code>`.
-
      <li>
       <p>Otherwise, a user agent should set <var>value</var> to the first matching statement, if
       any, switching on <var>request</var>'s <a for=request>destination</a>:
       <!-- https://github.com/whatwg/fetch/issues/43#issuecomment-97909717 -->
 
       <dl class=switch>
+       <dt>"<code>document</code>"
+       <dt>"<code>frame</code>"
+       <dt>"<code>iframe</code>"
+       <dd>`<code>text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8</code>`
+
        <dt>"<code>image</code>"
        <dd>`<code>image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5</code>`
 
@@ -5799,7 +5802,7 @@ dictionary RequestInit {
   any window; // can only be set to null
 };
 
-enum RequestDestination { "", "audio", "audioworklet", "document", "embed", "font", "image", "manifest", "object", "paintworklet", "report", "script", "sharedworker", "style",  "track", "video", "worker", "xslt" };
+enum RequestDestination { "", "audio", "audioworklet", "document", "embed", "font", "frame", "iframe", "image", "manifest", "object", "paintworklet", "report", "script", "sharedworker", "style",  "track", "video", "worker", "xslt" };
 enum RequestMode { "navigate", "same-origin", "no-cors", "cors" };
 enum RequestCredentials { "omit", "same-origin", "include" };
 enum RequestCache { "default", "no-store", "reload", "no-cache", "force-cache", "only-if-cached" };