
Commit f59bcf6

Meta: internal response belongs to filtered response
Fixes #695.
1 parent 98f23db commit f59bcf6


1 file changed

+31
-38
lines changed


fetch.bs

Lines changed: 31 additions & 38 deletions
@@ -1912,20 +1912,20 @@ known as an <dfn export id=concept-aborted-network-error>aborted network error</
19121912
<a>network error</a>. This
19131913
<a for=/>response</a> is referred to as the
19141914
<a>filtered response</a>'s associated
1915-
<dfn export id=concept-internal-response for=internal>internal response</dfn>.
1915+
<dfn export id=concept-internal-response for="filtered response">internal response</dfn>.
19161916

19171917
<p class="note no-backref">The <a for=/>fetch</a> algorithm returns such a view to ensure APIs do
19181918
not accidentally leak information. If the information needs to be exposed for legacy reasons, e.g.,
1919-
to feed image data to a decoder, the associated <a for=internal>internal response</a> can be used,
1920-
which is only "accessible" to internal specification algorithms and is never a
1919+
to feed image data to a decoder, the associated <a for="filtered response">internal response</a> can
1920+
be used, which is only "accessible" to internal specification algorithms and is never a
19211921
<a>filtered response</a> itself.
19221922

19231923
<p>A <dfn export id=concept-filtered-response-basic>basic filtered response</dfn> is a
19241924
<a>filtered response</a> whose
19251925
<a for=response>type</a> is "<code>basic</code>" and
19261926
<a for=response>header list</a> excludes any
19271927
<a for=/>headers</a> in
1928-
<a for=internal>internal response</a>'s
1928+
<a for="filtered response">internal response</a>'s
19291929
<a for=response>header list</a> whose
19301930
<a for=header>name</a> is a
19311931
<a>forbidden response-header name</a>.
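Review bot: the dfn at 1915 is `export`ed, so re-scoping it from `for=internal` to `for="filtered response"` changes the xref key other specifications link against; the `id=concept-internal-response` anchor is unchanged, so URL fragments still resolve, but an external `<a for=internal>internal response</a>` xref will stop resolving. Worth confirming downstream consumers are updated, or saying so in the commit message, which currently only reads "Fixes #695." The quoting of the new `for` value is needed because it contains a space, and every remaining `for=internal` reference in the file needs the same treatment or Bikeshed will report it as undefined.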
@@ -1935,11 +1935,11 @@ which is only "accessible" to internal specification algorithms and is never a
19351935
<a for=response>type</a> is "<code>cors</code>" and
19361936
<a for=response>header list</a> excludes any
19371937
<a for=/>headers</a> in
1938-
<a for=internal>internal response</a>'s
1938+
<a for="filtered response">internal response</a>'s
19391939
<a for=response>header list</a> whose
19401940
<a for=header>name</a> is <em>not</em> a
19411941
<a>CORS-safelisted response-header name</a>, given
1942-
<a for=internal>internal response</a>'s
1942+
<a for="filtered response">internal response</a>'s
19431943
<a for=response>CORS-exposed header-name list</a>.
19441944

19451945
<p>An <dfn export id=concept-filtered-response-opaque>opaque filtered response</dfn> is a
@@ -1965,24 +1965,23 @@ is a <a>filtered response</a> whose
19651965
<a lt="opaque-redirect filtered response">opaque-redirect filtered responses</a> is harmless since
19661966
no redirects are followed.
19671967

1968-
<p>In other words, an <a>opaque filtered response</a>
1969-
and an
1970-
<a>opaque-redirect filtered response</a> are
1971-
nearly indistinguishable from a <a>network error</a>. When
1972-
introducing new APIs, do not use the <a for=internal>internal response</a>
1973-
for internal specification algorithms as that will leak information.
1968+
<p>In other words, an <a>opaque filtered response</a> and an
1969+
<a>opaque-redirect filtered response</a> are nearly indistinguishable from a <a>network error</a>.
1970+
When introducing new APIs, do not use the <a for="filtered response">internal response</a> for
1971+
internal specification algorithms as that will leak information.
19741972

1975-
<p>This also means that JavaScript APIs, such as <a attribute for=Response lt=ok><code>response.ok</code></a>,
1976-
will return rather useless results.
1973+
<p>This also means that JavaScript APIs, such as
1974+
<a attribute for=Response lt=ok><code>response.ok</code></a>, will return rather useless results.
19771975
</div>
19781976

19791977
<p>To <dfn export for=response id=concept-response-clone>clone</dfn> a
19801978
<a for=/>response</a> <var>response</var>, run these steps:
19811979

19821980
<ol>
1983-
<li><p>If <var>response</var> is a <a>filtered response</a>, then return a new identical filtered
1984-
response whose <a lt="internal response" for=internal>internal response</a> is a
1985-
<a for=response>clone</a> of <var>response</var>'s <a for=internal>internal response</a>.
1981+
<li><p>If <var>response</var> is a <a>filtered response</a>, then return a new identical
1982+
<a>filtered response</a> whose <a for="filtered response">internal response</a> is a
1983+
<a for=response>clone</a> of <var>response</var>'s
1984+
<a for="filtered response">internal response</a>.
19861985

19871986
<li><p>Let <var>newResponse</var> be a copy of <var>response</var>, except for its
19881987
<a for=response>body</a>.
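Review bot: the rewrapped sentence at 1970-1971 still says not to use the internal response "for internal specification algorithms", which sits awkwardly next to the note at 1917-1921 saying the internal response "is only 'accessible' to internal specification algorithms" and "can be used" for legacy reasons; since this hunk already rewraps the paragraph, consider something like "When introducing new APIs, do not expose the internal response, or data derived from it, to script, as that will leak information" so the two passages agree that internal use is permitted but exposure is not. In the clone step at 1981-1984, dropping `lt="internal response"` from the first link is fine since the link text already matches the dfn.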
@@ -3059,10 +3058,9 @@ Cross-Origin-Resource-Policy = %s"same-origin" / %s"same-site" / %s"cross-or
30593058

30603059
<p class="note no-backref">Only HTML's navigate algorithm uses this check with
30613060
<var>forNavigation</var> set to true, and it's always for nested navigations. Otherwise,
3062-
<var>response</var> is either the <a for=internal>internal response</a> of an
3061+
<var>response</var> is either the <a for="filtered response">internal response</a> of an
30633062
<a>opaque filtered response</a> or a <a for=/>response</a> which will be the
3064-
<a for=internal>internal response</a> of an
3065-
<a>opaque filtered response</a>. [[HTML]]
3063+
<a for="filtered response">internal response</a> of an <a>opaque filtered response</a>. [[HTML]]
30663064

30673065
<p>To perform a <dfn>cross-origin resource policy internal check</dfn>, given an
30683066
<a for=url>origin</a> <var>origin</var>, an <a for=/>embedder policy value</a>
@@ -3550,10 +3548,9 @@ optionally with a <i>recursive flag</i>, run these steps:
35503548
</ol>
35513549

35523550
<li>
3553-
<p>Set <var>response</var> to the following
3554-
<a>filtered response</a> with <var>response</var> as its
3555-
<a for=internal>internal response</a>, depending on
3556-
<var>request</var>'s <a for=request>response tainting</a>:
3551+
<p>Set <var>response</var> to the following <a>filtered response</a> with <var>response</var> as
3552+
its <a for="filtered response">internal response</a>, depending on <var>request</var>'s
3553+
<a for=request>response tainting</a>:
35573554

35583555
<dl class="switch compact">
35593556
<dt>"<code>basic</code>"
@@ -3566,8 +3563,8 @@ optionally with a <i>recursive flag</i>, run these steps:
35663563
</ol>
35673564

35683565
<li><p>Let <var>internalResponse</var> be <var>response</var>, if <var>response</var> is a
3569-
<a>network error</a>, and <var>response</var>'s
3570-
<a for=internal>internal response</a> otherwise.
3566+
<a>network error</a>, and <var>response</var>'s <a for="filtered response">internal response</a>
3567+
otherwise.
35713568

35723569
<li>
35733570
<p>If <var>internalResponse</var>'s <a for=response>URL list</a> <a for=list>is empty</a>, then
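Review bot: the unwrap at 3565-3567 uses "if response is a network error, and response's internal response otherwise", which assumes every non-network-error response reaching this step is a filtered response (true today because the preceding step at 3551-3553 wraps it), whereas the equivalent steps later in this diff (3843-3845 and 3997-3999) use "if response is not a filtered response, and to response's internal response otherwise". Since this hunk already rewraps the sentence, aligning it on the "is not a filtered response" form would make the three unwrap steps read the same and avoid taking the internal response of something that has none if the wrapping step ever changes.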
@@ -3845,7 +3842,7 @@ optional <i>CORS-preflight flag</i>, run these steps:
38453842

38463843
<li><p>Set <var>actualResponse</var> to <var>response</var>, if <var>response</var> is not a
38473844
<a>filtered response</a>, and to <var>response</var>'s
3848-
<a for=internal>internal response</a> otherwise.
3845+
<a for="filtered response">internal response</a> otherwise.
38493846

38503847
<li>
38513848
<p>If one of the following is true
@@ -3972,10 +3969,8 @@ optional <i>CORS-preflight flag</i>, run these steps:
39723969
<dd><p>Set <var>response</var> to a <a>network error</a>.
39733970

39743971
<dt>"<code>manual</code>"
3975-
<dd><p>Set <var>response</var> to an
3976-
<a>opaque-redirect filtered response</a>
3977-
whose <a for=internal>internal response</a> is
3978-
<var>actualResponse</var>.
3972+
<dd><p>Set <var>response</var> to an <a>opaque-redirect filtered response</a> whose
3973+
<a for="filtered response">internal response</a> is <var>actualResponse</var>.
39793974

39803975
<dt>"<code>follow</code>"
39813976
<dd><p>Set <var>response</var> to the result of performing <a>HTTP-redirect fetch</a> using
@@ -4001,7 +3996,7 @@ optional <i>CORS-preflight flag</i>, run these steps:
40013996
<ol>
40023997
<li><p>Let <var>actualResponse</var> be <var>response</var>, if <var>response</var> is not a
40033998
<a>filtered response</a>, and <var>response</var>'s
4004-
<a for=internal>internal response</a> otherwise.
3999+
<a for="filtered response">internal response</a> otherwise.
40054000

40064001
<li><p>If <var>actualResponse</var>'s <a for=response>location URL</a>
40074002
is null, then return <var>response</var>.
@@ -6966,12 +6961,10 @@ Developers have almost no control over
69666961

69676962
<h3 id=atomic-http-redirect-handling dfn class=no-num>Atomic HTTP redirect handling</h3>
69686963

6969-
<p>Redirects (a <a for=/>response</a> whose
6970-
<a for=response>status</a> or
6971-
<a for=internal>internal response</a>'s (if any)
6972-
<a for=response>status</a> is a <a>redirect status</a>) are not exposed
6973-
to APIs. Exposing redirects might leak information not otherwise available through a cross-site
6974-
scripting attack.
6964+
<p>Redirects (a <a for=/>response</a> whose <a for=response>status</a> or
6965+
<a for="filtered response">internal response</a>'s (if any) <a for=response>status</a> is a
6966+
<a>redirect status</a>) are not exposed to APIs. Exposing redirects might leak information not
6967+
otherwise available through a cross-site scripting attack.
69756968

69766969
<p id=example-xss-redirect class=example>A fetch to <code>https://example.org/auth</code> that includes a
69776970
<code>Cookie</code> marked <code>HttpOnly</code> could result in a redirect to
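Review bot: in the rewrapped parenthetical at 6964-6966, "(if any)" now lands between the link text and "status", so it reads as qualifying the status rather than the internal response; with the dfn now scoped to filtered response, consider "whose status, or whose internal response's status when it is a filtered response, is a redirect status" so the condition names the case the new `for="filtered response"` scope implies.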
