You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In terms of observable effects, this means that attempting to relax the same-origin restriction using document.domain will instead do nothing, and it will not be possible to send WebAssembly.Module objects to cross-origin Documents (even if they are same site).\
2230
2230
</li>
@@ -3358,7 +3358,7 @@ <h5 title="Browsing context group switches due to opener policy">7.1.3.2. ~opene
3358
3358
<p>
3359
3359
~IF[
3360
3360
( %~source生成元, %行先~生成元 )
3361
-
は`同じ~site$でない
3361
+
は`同一-~site$でない
3362
3362
]:
3363
3363
◎
3364
3364
If sourceOrigin is not same site with destinationOrigin:
If that response redirected to https://example.net/redirect, that request’s Sec-Fetch-Site value would be cross-site (as https://example.net/ is not same-site with https://example.com/ and https://subdomain.example.com/).\
If that response redirects all the way back to https://example.com/, the final request’s Sec-Fetch-Site value would still be cross-site (as the redirect chain includes https://example.net/, which is still not same-site with the other URLs.
0 commit comments