`process header` algorithm references undefined fetch response HTTPS state

[simonwuelker]

In https://w3c.github.io/reporting/#process-header, Step 1 tells us to

Abort these steps if response’s HTTPS state is not "modern", and the origin of response’s url is not potentially trustworthy.

However, the fetch specification does not define the concept of a response's HTTPS state (the link reference is not valid either)

[clelland]

Thanks! It looks like that was removed ~4 years ago in https://github.com/whatwg/fetch/issues/1062.

We should switch to a scheme check instead.