annevk
commented
3 months ago Yeah, we generally enforce the same things for them. See step 1 of https://fetch.spec.whatwg.org/#cors-preflight-fetch.
Open recvfrom opened 3 months ago
annevk
commented
3 months ago Yeah, we generally enforce the same things for them. See step 1 of https://fetch.spec.whatwg.org/#cors-preflight-fetch.
What is the issue with the Fetch Standard?
Preflight requests copy the corresponding request
destination[1], which means that preflights corresponding to an iframe navigation (for Private Network Access) would use a RequestDestination of "iframe". It seems like this would make this preflight request be considered a "navigation request" [2], which seems odd. Is this expected?Similarly, I'm wondering if there are other cases where preflights for various resource types would themselves be considered a "subresource request" [3], which also seems odd (but maybe less-so than the example above).
[1] https://fetch.spec.whatwg.org/#cors-preflight-fetch:~:text=destination%20is%20request%E2%80%99s%20destination [2] https://fetch.spec.whatwg.org/#navigation-request:~:text=A%20navigation%20request%20is%20a%20request%20whose%20destination%20is%20%22document%22%2C%20%22embed%22%2C%20%22frame%22%2C%20%22iframe%22%2C%20or%20%22object%22. [3] https://fetch.spec.whatwg.org/#subresource-request:~:text=A%20subresource%20request%20is%20a%20request%20whose%20destination%20is%20%22audio%22%2C%20%22audioworklet%22%2C%20%22font%22%2C%20%22image%22%2C%20%22json%22%2C%20%22manifest%22%2C%20%22paintworklet%22%2C%20%22script%22%2C%20%22style%22%2C%20%22track%22%2C%20%22video%22%2C%20%22xslt%22%2C%20or%20the%20empty%20string.