RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 15:07:45 +00:00
Code Issues Activity Actions

LibWeb: Explain the use-URL-credentials flag

Browse source 
This is a change in the Fetch spec.

See: a388348
This commit is contained in:
Linus Groh 2022-10-30 14:41:36 +00:00
parent d2deb8fa6d
commit 55315d72f7
1 changed files with 43 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

61
Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.h
View file

@ -332,7 +332,8 @@ private:
HTML::EnvironmentSettingsObject* m_client { nullptr };
// https://fetch.spec.whatwg.org/#concept-request-reserved-client
// A request has an associated reserved client (null, an environment, or an environment settings object). Unless stated otherwise it is null.
// A request has an associated reserved client (null, an environment, or an environment settings object). Unless
// stated otherwise it is null.
ReservedClientType m_reserved_client;
// https://fetch.spec.whatwg.org/#concept-request-replaces-client-id
@ -340,7 +341,8 @@ private:
String m_replaces_client_id { String::empty() };
// https://fetch.spec.whatwg.org/#concept-request-window
// A request has an associated window ("no-window", "client", or an environment settings object whose global object is a Window object). Unless stated otherwise it is "client".
// A request has an associated window ("no-window", "client", or an environment settings object whose global object
// is a Window object). Unless stated otherwise it is "client".
WindowType m_window { Window::Client };
// https://fetch.spec.whatwg.org/#request-keepalive-flag
@ -348,7 +350,9 @@ private:
bool m_keepalive { false };
// https://fetch.spec.whatwg.org/#request-initiator-type
// A request has an associated initiator type, which is null, "audio", "beacon", "body", "css", "early-hint", "embed", "fetch", "font", "frame", "iframe", "image", "img", "input", "link", "object", "ping", "script", "track", "video", "xmlhttprequest", or "other". Unless stated otherwise it is null. [RESOURCE-TIMING]
// A request has an associated initiator type, which is null, "audio", "beacon", "body", "css", "early-hint",
// "embed", "fetch", "font", "frame", "iframe", "image", "img", "input", "link", "object", "ping", "script",
// "track", "video", "xmlhttprequest", or "other". Unless stated otherwise it is null. [RESOURCE-TIMING]
Optional<InitiatorType> m_initiator_type;
// https://fetch.spec.whatwg.org/#request-service-workers-mode
@ -356,12 +360,17 @@ private:
ServiceWorkersMode m_service_workers_mode { ServiceWorkersMode::All };
// https://fetch.spec.whatwg.org/#concept-request-initiator
// A request has an associated initiator, which is the empty string, "download", "imageset", "manifest", "prefetch", "prerender", or "xslt". Unless stated otherwise it is the empty string.
// A request has an associated initiator, which is the empty string, "download", "imageset", "manifest",
// "prefetch", "prerender", or "xslt". Unless stated otherwise it is the empty string.
Optional<Initiator> m_initiator;
// https://fetch.spec.whatwg.org/#concept-request-destination
// A request has an associated destination, which is the empty string, "audio", "audioworklet", "document", "embed", "font", "frame", "iframe", "image", "manifest", "object", "paintworklet", "report", "script", "serviceworker", "sharedworker", "style", "track", "video", "webidentity", "worker", or "xslt". Unless stated otherwise it is the empty string.
// NOTE: These are reflected on RequestDestination except for "serviceworker" and "webidentity" as fetches with those destinations skip service workers.
// A request has an associated destination, which is the empty string, "audio", "audioworklet", "document",
// "embed", "font", "frame", "iframe", "image", "manifest", "object", "paintworklet", "report", "script",
// "serviceworker", "sharedworker", "style", "track", "video", "webidentity", "worker", or "xslt". Unless stated
// otherwise it is the empty string.
// NOTE: These are reflected on RequestDestination except for "serviceworker" and "webidentity" as fetches with
// those destinations skip service workers.
Optional<Destination> m_destination;
// https://fetch.spec.whatwg.org/#concept-request-priority
@ -373,19 +382,23 @@ private:
OriginType m_origin { Origin::Client };
// https://fetch.spec.whatwg.org/#concept-request-policy-container
// A request has an associated policy container, which is "client" or a policy container. Unless stated otherwise it is "client".
// A request has an associated policy container, which is "client" or a policy container. Unless stated otherwise
// it is "client".
PolicyContainerType m_policy_container { PolicyContainer::Client };
// https://fetch.spec.whatwg.org/#concept-request-referrer
// A request has an associated referrer, which is "no-referrer", "client", or a URL. Unless stated otherwise it is "client".
// A request has an associated referrer, which is "no-referrer", "client", or a URL. Unless stated otherwise it is
// "client".
ReferrerType m_referrer { Referrer::Client };
// https://fetch.spec.whatwg.org/#concept-request-referrer-policy
// A request has an associated referrer policy, which is a referrer policy. Unless stated otherwise it is the empty string.
// A request has an associated referrer policy, which is a referrer policy. Unless stated otherwise it is the empty
// string.
Optional<ReferrerPolicy::ReferrerPolicy> m_referrer_policy;
// https://fetch.spec.whatwg.org/#concept-request-mode
// A request has an associated mode, which is "same-origin", "cors", "no-cors", "navigate", or "websocket". Unless stated otherwise, it is "no-cors".
// A request has an associated mode, which is "same-origin", "cors", "no-cors", "navigate", or "websocket". Unless
// stated otherwise, it is "no-cors".
Mode m_mode { Mode::NoCORS };
// https://fetch.spec.whatwg.org/#use-cors-preflight-flag
@ -393,19 +406,26 @@ private:
bool m_use_cors_preflight { false };
// https://fetch.spec.whatwg.org/#concept-request-credentials-mode
// A request has an associated credentials mode, which is "omit", "same-origin", or "include". Unless stated otherwise, it is "same-origin".
// A request has an associated credentials mode, which is "omit", "same-origin", or "include". Unless stated
// otherwise, it is "same-origin".
CredentialsMode m_credentials_mode { CredentialsMode::SameOrigin };
// https://fetch.spec.whatwg.org/#concept-request-use-url-credentials-flag
// A request has an associated use-URL-credentials flag. Unless stated otherwise, it is unset.
// NOTE: When this flag is set, when a requests URL has a username and password, and there is an available
// authentication entry for the request, then the URLs credentials are preferred over that of the
// authentication entry. Modern specifications avoid setting this flag, since putting credentials in URLs is
// discouraged, but some older features set it for compatibility reasons.
bool m_use_url_credentials { false };
// https://fetch.spec.whatwg.org/#concept-request-cache-mode
// A request has an associated cache mode, which is "default", "no-store", "reload", "no-cache", "force-cache", or "only-if-cached". Unless stated otherwise, it is "default".
// A request has an associated cache mode, which is "default", "no-store", "reload", "no-cache", "force-cache", or
// "only-if-cached". Unless stated otherwise, it is "default".
CacheMode m_cache_mode { CacheMode::Default };
// https://fetch.spec.whatwg.org/#concept-request-redirect-mode
// A request has an associated redirect mode, which is "follow", "error", or "manual". Unless stated otherwise, it is "follow".
// A request has an associated redirect mode, which is "follow", "error", or "manual". Unless stated otherwise, it
// is "follow".
RedirectMode m_redirect_mode { RedirectMode::Follow };
// https://fetch.spec.whatwg.org/#concept-request-integrity-metadata
@ -413,11 +433,13 @@ private:
String m_integrity_metadata { String::empty() };
// https://fetch.spec.whatwg.org/#concept-request-nonce-metadata
// A request has associated cryptographic nonce metadata (a string). Unless stated otherwise, it is the empty string.
// A request has associated cryptographic nonce metadata (a string). Unless stated otherwise, it is the empty
// string.
String m_cryptographic_nonce_metadata { String::empty() };
// https://fetch.spec.whatwg.org/#concept-request-parser-metadata
// A request has associated parser metadata which is the empty string, "parser-inserted", or "not-parser-inserted". Unless otherwise stated, it is the empty string.
// A request has associated parser metadata which is the empty string, "parser-inserted", or
// "not-parser-inserted". Unless otherwise stated, it is the empty string.
Optional<ParserMetadata> m_parser_metadata;
// https://fetch.spec.whatwg.org/#concept-request-reload-navigation-flag
@ -437,7 +459,8 @@ private:
bool m_render_blocking { false };
// https://fetch.spec.whatwg.org/#concept-request-url-list
// A request has an associated URL list (a list of one or more URLs). Unless stated otherwise, it is a list containing a copy of requests URL.
// A request has an associated URL list (a list of one or more URLs). Unless stated otherwise, it is a list
// containing a copy of requests URL.
Vector<AK::URL> m_url_list;
// https://fetch.spec.whatwg.org/#concept-request-redirect-count
@ -446,11 +469,13 @@ private:
u8 m_redirect_count { 0 };
// https://fetch.spec.whatwg.org/#concept-request-response-tainting
// A request has an associated response tainting, which is "basic", "cors", or "opaque". Unless stated otherwise, it is "basic".
// A request has an associated response tainting, which is "basic", "cors", or "opaque". Unless stated otherwise,
// it is "basic".
ResponseTainting m_response_tainting { ResponseTainting::Basic };
// https://fetch.spec.whatwg.org/#no-cache-prevent-cache-control
// A request has an associated prevent no-cache cache-control header modification flag. Unless stated otherwise, it is unset.
// A request has an associated prevent no-cache cache-control header modification flag. Unless stated otherwise, it
// is unset.
bool m_prevent_no_cache_cache_control_header_modification { false };
// https://fetch.spec.whatwg.org/#done-flag