[Webkit-unassigned] [Bug 256472] Incorrect Sec-Fetch-Site values on iframes
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sat May 27 05:34:25 PDT 2023
https://bugs.webkit.org/show_bug.cgi?id=256472
--- Comment #6 from Anne van Kesteren <annevk at annevk.nl> ---
Patrick, two things:
1. Best not to look at MDN to figure out what to implement. https://w3c.github.io/webappsec-fetch-metadata/ is the relevant specification.
2. Looking at https://w3c.github.io/webappsec-fetch-metadata/#abstract-opdef-set-site step 4 and the explanation linked there makes it clear to me that when navigating a nested document "none" can never be correct. A user-initiated navigation as meant there would always involve a top-level navigation.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20230527/4d42ded6/attachment.htm>
More information about the webkit-unassigned
mailing list