Skip to content

Introduce "override fetch". #1840

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Introduce "override fetch". #1840

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
103 changes: 98 additions & 5 deletions fetch.bs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4614,7 +4614,8 @@ steps:
<li><p>Set <var>request</var>'s
<a for=request>response tainting</a> to "<code>basic</code>".

<li><p>Return the result of running <a>scheme fetch</a> given <var>fetchParams</var>.
<li><p>Return the result of running <a>override fetch</a> given "<code>scheme fetch</code>",
and <var>fetchParams</var>.
</ol>

<p class=note>HTML assigns any documents and workers created from <a for=/>URLs</a> whose
Expand All @@ -4633,7 +4634,8 @@ steps:

<li><p>Set <var>request</var>'s <a for=request>response tainting</a> to "<code>opaque</code>".

<li><p>Return the result of running <a>scheme fetch</a> given <var>fetchParams</var>.
<li><p>Return the result of running <a>override fetch</a> given "<code>scheme fetch</code>"
and <var>fetchParams</var>.
<!-- file URLs end up here as they are not same-origin typically. -->
</ol>

Expand All @@ -4652,8 +4654,8 @@ steps:
<a for=request>response tainting</a> to
"<code>cors</code>".

<li><p>Let <var>corsWithPreflightResponse</var> be the result of running <a>HTTP fetch</a>
given <var>fetchParams</var> and true.
<li><p>Let <var>corsWithPreflightResponse</var> be the result of running <a>override fetch</a>
given "<code>HTTP fetch</code>", <var>fetchParams</var>, and true.

<li><p>If <var>corsWithPreflightResponse</var> is a <a>network error</a>, then
<a>clear cache entries</a> using <var>request</var>.
Expand All @@ -4668,7 +4670,8 @@ steps:
<a for=request>response tainting</a> to
"<code>cors</code>".

<li><p>Return the result of running <a>HTTP fetch</a> given <var>fetchParams</var>.
<li><p>Return the result of running <a>override fetch</a> given "<code>HTTP fetch</code>" and
<var>fetchParams</var>.
</ol>
</dl>

Expand Down Expand Up @@ -4989,6 +4992,96 @@ steps:
</div>


<h3 id=override-fetch>Override fetch</h3>

<div algorithm>
<p>To <dfn id=concept-override-fetch>override fetch</dfn>, given a <var>type</var> (which is either
"<code>scheme fetch</code>" or "<code>http fetch</code>", a <a for=/>fetch params</a>
<var>fetchParams</var>, and an optional boolean <var>makeCORSPreflight</var> (default false):

<ol>
<li><p>Let <var>request</var> be <var>fetchParams</var>' <a for="fetch params">request</a>.

<li><p>Let <var>response</var> be the result of executing <a>Potentially override response for a
request</a> on <var>request</var>.

<li><p>If <var>response</var> is not null, return <var>response</var>.

<li><p>Switch on <var>type</var> and run the associated step:

<dl class=switch>
<dt>"<code>scheme fetch</code>"
<dd>
<p>Set <var>response</var> be the result of running <a>scheme fetch</a> given
<var>fetchParams</var>.

<dt>"<code>HTTP fetch</code>"
<dd>
<p>Set <var>response</var> be the result of running <a>HTTP fetch</a> given
<var>fetchParams</var> and <var>makeCORSPreflight</var>.
</dl>

<li><p>Return <var>response</var>.
</ol>
</div>

<div algorithm>
<p>The <dfn id=concept-potentially-override-response>potentially override response for a
request</dfn> algorithm takes a <a for=/>request</a> <var>request</var>, and returns either a
<a for=/>response</a> or null. Its behavior is <a>implementation-defined</a>, allowing user
agents to intervene on the <a for=/>request</a> by returning a response directly, or allowing the
request to proceed by returning null.

<p>By default, the algorithm has the following trivial implementation:

<ol>
<li><p>Return null.
</ol>

<div class=note>
<p>User agents will generally override this default implementation with a somewhat more complex
set of behaviors. For example, a user agent might decide that its users' safety is best preserved
by generally blocking requests to `https://unsafe.example/`, while synthesizing a shim for the
widely-used resource `https://unsafe.example/widget.js` to avoid breakage. That implementation
might look like the following:

<ol>
<li><p>If <var>request</var>'s <a for=request>current url</a>'s <a for=url>host</a>'s
<a for=host>registrable domain</a> is "<code>unsafe.example</code>":

<ol>
<li><p>If <var>request</var>'s <a for=request>current url</a>'s <a for=url>path</a> is
« "<code>widget.js</code>" », then:

<ol>
<li><p>Let <var>body</var> be [<em>insert a byte sequence representing the shimmed
content here</em>].

<li><p>Return a new <a for=/>response</a> with the following properties:

<dl>
<dt><a for=response>type</a>
<dd>"<code>cors</code>"

<dt><a for=response>status</a>
<dd>200</dd>

<dt>...
<dd>...

<dt><a for=response>body</a>
<dd>The result of getting <var>body</var> <a>as a body</a>.
</dl>
</ol>

<li><p>Return a <a>network error</a>.
</ol>
<li><p>Return null.
</ol>
</div>
</div>


<h3 id=scheme-fetch oldids=basic-fetch>Scheme fetch</h3>

<div algorithm>
Expand Down