koto
commented
1 month ago That's https://github.com/whatwg/html/issues/4651. We don't have a client passed to the algorithm, but that also fails in CSP before that happens.
Open mbrodesser-Igalia opened 1 month ago
koto
commented
1 month ago That's https://github.com/whatwg/html/issues/4651. We don't have a client passed to the algorithm, but that also fails in CSP before that happens.
Step 4 of [1]. It's passed a synthetic request from step 5 of [2].
CC @otherdaniel, @evilpie, @lukewarlow
[1] https://w3c.github.io/trusted-types/dist/spec/#require-trusted-types-for-pre-navigation-check [2] https://html.spec.whatwg.org/#the-javascript:-url-special-case