Skip to content

Throw SecurityError on non-trustworthy URLs in fetchLater #1858

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
TimvdLippe wants to merge 1 commit into from
Closed

Throw SecurityError on non-trustworthy URLs in fetchLater #1858

TimvdLippe wants to merge 1 commit into from

Conversation

@TimvdLippe
Copy link
Contributor

@TimvdLippe TimvdLippe commented Sep 28, 2025
edited by pr-preview bot
Loading

@annevk
Copy link
Member

annevk commented Sep 29, 2025

cc @noamr

@annevk
Copy link
Member

annevk commented Sep 29, 2025

I wonder if the test is wrong here. I think we decided that we should align with fetch() on throwing TypeError everywhere.

@noamr
Copy link
Contributor

noamr commented Sep 29, 2025

I wonder if the test is wrong here. I think we decided that we should align with fetch() on throwing TypeError everywhere.

Yea that's what I recall as well.
We should fix the test and chromium implementation
Cc @mingyc

@TimvdLippe
Copy link
Contributor Author

TimvdLippe commented Sep 29, 2025

As part of the Servo PR I can update the test. Shall I?

@annevk
Copy link
Member

annevk commented Sep 29, 2025

Yeah please. After that this PR can be closed. Thank you!

@noamr
Copy link
Contributor

noamr commented Sep 29, 2025

As part of the Servo PR I can update the test. Shall I?

Thanks for opening these issues as part of Servo, it helps makes the specs & general interop bettter!

@TimvdLippe TimvdLippe mentioned this pull request Sep 30, 2025
Merged
@servo-wpt-sync servo-wpt-sync mentioned this pull request Sep 30, 2025
Merged
github-merge-queue bot pushed a commit to servo/servo that referenced this pull request Oct 1, 2025
@TimvdLippe
Implement fetchLater (#39547)
794faac 
Allows fetches to be deferred, only in a secure context. It does not yet
implement quota computation, since we don't have a concept of document
quota yet.

Also update the `fetch/api/idlharness` test to run in a secure context,
since this API is only available there.

Positive Mozilla position:
mozilla/standards-positions#703
Positive WebKit position:
WebKit/standards-positions#85

Closes whatwg/fetch#1858

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
github-merge-queue bot pushed a commit to servo/servo that referenced this pull request Oct 2, 2025
@TimvdLippe
Implement fetchLater (#39547)
680a780 
Allows fetches to be deferred, only in a secure context. It does not yet
implement quota computation, since we don't have a concept of document
quota yet.

Also update the `fetch/api/idlharness` test to run in a secure context,
since this API is only available there.

Positive Mozilla position:
mozilla/standards-positions#703
Positive WebKit position:
WebKit/standards-positions#85

Closes whatwg/fetch#1858

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@TimvdLippe @annevk @noamr