We update spec.bs to include in the Fetch monkey patch that the new 'Shared-Storage-Write' header should be added to the list of forbidden response headers.
This will ensure that the 'Shared-Storage-Write' response header can only be set by the server and read by the user agent. Frontend JavaScript will not be able to read, write, or modify it.
We update spec.bs to include in the Fetch monkey patch that the new '
Shared-Storage-Write
' header should be added to the list of forbidden response headers.This will ensure that the '
Shared-Storage-Write
' response header can only be set by the server and read by the user agent. Frontend JavaScript will not be able to read, write, or modify it.Preview | Diff