This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 17305 - No CORS and not-same-origin should not fetch the URL
Summary: No CORS and not-same-origin should not fetch the URL
Alias: None
Product: WHATWG
Classification: Unclassified
Component: HTML (show other bugs)
Version: unspecified
Hardware: Other other
: P3 normal
Target Milestone: Unsorted
Assignee: Ian 'Hixie' Hickson
QA Contact: contributor
Depends on:
Reported: 2012-06-04 13:28 UTC by contributor
Modified: 2012-08-29 19:32 UTC (History)
3 users (show)

See Also:


Description contributor 2012-06-04 13:28:28 UTC

No CORS and not-same-origin should not fetch the URL

Posted from: by
User agent: Opera/9.80 (Macintosh; Intel Mac OS X 10.7.3; U; en) Presto/2.10.229 Version/11.64
Comment 1 Simon Pieters 2012-06-04 13:37:25 UTC
When failure mode is "fail" and mode is "No CORS", we shouldn't fetch anything at all but just fail directly.
Comment 2 Simon Pieters 2012-06-05 07:31:57 UTC
Similarly, if /default/ is "fail", and /mode/ is "No CORS", and /URL/ is a same-origin URL that redirects to a different-origin URL, the redirect shouldn't be followed but should fail at that point.
Comment 3 contributor 2012-07-18 17:42:42 UTC
This bug was cloned to create bug 18215 as part of operation convergence.
Comment 4 Ian 'Hixie' Hickson 2012-07-27 03:12:50 UTC
Can you elaborate?
Comment 5 Simon Pieters 2012-08-15 09:33:01 UTC
When /default/ is "fail", we don't want to waste network resources on fetches we know we're not going to accept. This also applies in case of redirects.

This came up as part of implementing <track>.