Drop the “Feature Policy integration” section

whatwg / xhr

XMLHttpRequest Standard

https://xhr.spec.whatwg.org/

Other

314 stars 129 forks source link

Drop the “Feature Policy integration” section #322

Closed sideshowbarker closed 3 years ago

sideshowbarker commented 3 years ago

See https://github.com/whatwg/xhr/pull/321 and https://github.com/whatwg/xhr/pull/295

Preview | Diff

annevk commented 3 years ago

Thanks, you'll also need to remove the instance of sync-xhr elsewhere.

sideshowbarker commented 3 years ago

Thanks, you'll also need to remove the instance of sync-xhr elsewhere.

That’s in https://github.com/w3c/webappsec-permissions-policy/blob/ab4fa82727f370307117e61d170ca9a2f21dc29b/index.bs#L1126-L1128

So, I’ll raise a PR against the Permissions Policy spec to drop or change that.

But note also, the Permissions Policy has an example with this:

   const new_frame = document.createElement('iframe');
   new_frame.allow = 'sync-xhr';
   // This will be true, as the iframe is allowed to use sync-xhr at whatever URL is
   // mentioned in its src attribute, even though that attribute is not yet set.
   const is_sync_xhr_allowed = new_frame.featurePolicy.allowsFeature('sync-xhr');

https://w3c.github.io/webappsec-permissions-policy/#example-92e8a40f

So, I guess I’ll need replace that example with something else. Suggestion welcome.

annevk commented 3 years ago

I didn't mean that, sorry, I meant the step in https://xhr.spec.whatwg.org/#dom-xmlhttprequest-send (which is why the build is failing). But if you want to take the other bits on as well, sounds good to me. 😊

A good example of a Permissions Policy would be camera or geolocation.

sideshowbarker commented 3 years ago

I didn't mean that, sorry, I meant the step in xhr.spec.whatwg.org/#dom-xmlhttprequest-send (which is why the build is failing).

ah OK — pushed a commit to drop that step

But if you want to take the other bits on as well, sounds good to me. 😊

A good example of a Permissions Policy would be camera or geolocation.

Thanks — I’ll raise a PR against the Permissions Policy spec to change the example/reference there to one of those

sideshowbarker commented 3 years ago

For the sync-xhr references in the Permissions Policy spec, I just raised an issue https://github.com/w3c/webappsec-permissions-policy/issues/419

annevk commented 3 years ago

@sideshowbarker thanks! It seems this needs an update to MDN as well as it currently references XHR for this?

annevk commented 3 years ago

Ah, that was resolved by https://github.com/mdn/browser-compat-data/commit/bcc150faf0fbaa2a54f87cb0e60e5a2d85e0a1ed.

sideshowbarker commented 3 years ago

Ah, that was resolved by mdn/browser-compat-data@bcc150f.

Yeah but actually there are some other changes we can make to mdn/content; I’ll raise a PR there too

sideshowbarker commented 3 years ago

https://github.com/mdn/content/pull/3529 is the update to the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy/sync-xhr article