diff --git a/fetch.bs b/fetch.bs index 7d36f3925..889572b0a 100755 --- a/fetch.bs +++ b/fetch.bs @@ -4614,7 +4614,8 @@ steps:
Set request's
response tainting to "basic
".
-
Return the result of running scheme fetch given fetchParams. +
Return the result of running override fetch given "scheme fetch
",
+ and fetchParams.
HTML assigns any documents and workers created from URLs whose @@ -4633,7 +4634,8 @@ steps:
Set request's response tainting to "opaque
".
-
Return the result of running scheme fetch given fetchParams. +
Return the result of running override fetch given "scheme fetch
"
+ and fetchParams.
@@ -4652,8 +4654,8 @@ steps:
response tainting to
"cors
".
-
Let corsWithPreflightResponse be the result of running HTTP fetch - given fetchParams and true. +
Let corsWithPreflightResponse be the result of running override fetch
+ given "HTTP fetch
", fetchParams, and true.
If corsWithPreflightResponse is a network error, then
clear cache entries using request.
@@ -4668,7 +4670,8 @@ steps:
response tainting to
"cors
".
-
Return the result of running HTTP fetch given fetchParams. +
Return the result of running override fetch given "HTTP fetch
" and
+ fetchParams.
@@ -4989,6 +4992,96 @@ steps:
+
To override fetch, given a type (which is either
+"scheme fetch
" or "http fetch
", a fetch params
+fetchParams, and an optional boolean makeCORSPreflight (default false):
+
+
Let request be fetchParams' request. + +
Let response be the result of executing Potentially override response for a + request on request. + +
If response is not null, return response. + +
Switch on type and run the associated step: + +
scheme fetch
"
+ Set response be the result of running scheme fetch given + fetchParams. + +
HTTP fetch
"
+ Set response be the result of running HTTP fetch given + fetchParams and makeCORSPreflight. +
Return response. +
The potentially override response for a +request algorithm takes a request request, and returns either a +response or null. Its behavior is implementation-defined, allowing user +agents to intervene on the request by returning a response directly, or allowing the +request to proceed by returning null. + +
By default, the algorithm has the following trivial implementation: + +
Return null. +
User agents will generally override this default implementation with a somewhat more complex + set of behaviors. For example, a user agent might decide that its users' safety is best preserved + by generally blocking requests to `https://unsafe.example/`, while synthesizing a shim for the + widely-used resource `https://unsafe.example/widget.js` to avoid breakage. That implementation + might look like the following: + +
If request's current url's host's
+ registrable domain is "unsafe.example
":
+
+
If request's current url's path is
+ « "widget.js
" », then:
+
+
Return a network error. +
Return null. +