Network Intercept: add validation for "method"

[thiagowfx]

Currently, network methods use the following type:

?method: text,

For example, in https://w3c.github.io/webdriver-bidi/#command-network-continueRequest.

That said:

• A method is defined as this: https://fetch.spec.whatwg.org/#concept-method
• Which is in turn defined as https://fetch.spec.whatwg.org/#concept-method

Here is a verbatim copy:

Method Name	Description	Section
GET	Transfer a current representation of the target resource.	9.3.1
HEAD	Same as GET, but do not transfer the response content.	9.3.2
POST	Perform resource-specific processing on the request content.	9.3.3
PUT	Replace all current representations of the target resource with the request content.	9.3.4
DELETE	Remove all current representations of the target resource.	9.3.5
CONNECT	Establish a tunnel to the server identified by the target resource.	9.3.6
OPTIONS	Describe the communication options for the target resource.	9.3.7
TRACE	Perform a message loop-back test along the path to the target resource.	9.3.8

Only the strings above are valid methods.

We should make the spec stricter by using an union of the aforementioned words instead of allowing any free-form "text".

[thiagowfx]

cc @juliandescottes @sadym-chromium @jgraham

[thiagowfx]

Follow-up questions:

• Should it be case insensitive?
• Do we also need PATCH? It's not listed in the aforementioned table.

[juliandescottes]

I'm not sure those are the only methods usable with fetch? The spec says in a Note:

There are no restrictions on methods. CHICKEN is perfectly acceptable (and not a misspelling of CHECKIN). Other than those that are normalized there are no casing restrictions either. Egg or eGg would be fine, though uppercase is encouraged for consistency.

I don't think I would restrict the method list or enforce case and just let the browser handle the method normalisation as it usually does?

[thiagowfx]

Oh, I missed this. Then...no AI needed, I suppose? Closing.