Short URL: http://html5.org/r/6255
| SVN | Bug | Comment | Time (UTC) |
|---|---|---|---|
| 6255 | 2011-06-17 19:57 |
Index: source
===================================================================
--- source (revision 6254)
+++ source (revision 6255)
@@ -89371,18 +89371,22 @@
<li>
- <p><span>Fetch</span> the resource identified by the resulting
- <span>absolute URL</span>, from the <span>entry script</span>'s
- <span>origin</span>, with the <i>force same-origin flag</i> set,
- and process it as described below.</p> <!-- not http-origin
- privacy sensitive (looking forward to CORS) -->
+ <p>Do a <span>potentially CORS-enabled fetch</span> of the
+ resulting <span>absolute URL</span>, with the <i>mode</i> being
+ <span title="attr-crossorigin-use-credentials">Use
+ Credentials</span>, and the <i>origin</i> being the <span>entry
+ script</span>'s <span>origin</span><!--, and the <i>default origin
+ behaviour</i> set to <i>fail</i> (though it has no effect in the
+ "Use Credentials" mode)-->, and process the resource obtained in
+ this fashion, if any, as described below.</p>
<p class="note">The definition of the <span
- title="fetch">fetching</span> algorithm is such that if the
- browser is already fetching the resource identified by the given
- <span>absolute URL</span>, that connection can be reused, instead
- of a new connection being established. All messages received up to
- this point are dispatched immediately, in this case.</p>
+ title="fetch">fetching</span> algorithm (which is used by CORS) is
+ such that if the browser is already fetching the resource
+ identified by the given <span>absolute URL</span>, that connection
+ can be reused, instead of a new connection being established. All
+ messages received up to this point are dispatched immediately, in
+ this case.</p>
</li>
@@ -89539,8 +89543,8 @@
<p>HTTP 301 Moved Permanently, HTTP 302 Found, 303 See Other, and
307 Temporary Redirect responses are handled by the <span
- title="fetch">fetching</span> algorithm. In the case of 301
- redirects, the user agent must also remember the new URL so that
+ title="fetch">fetching</span> and CORS algorithms. In the case of
+ 301 redirects, the user agent must also remember the new URL so that
subsequent requests for this resource for this
<code>EventSource</code> object start with the URL given for the
last 301 seen for requests for this object.</p>
@@ -89584,10 +89588,17 @@
the reconnection time of the event source, if the <code
title="dom-EventSource-readyState">readyState</code> attribute is
still set to <code
- title="dom-EventSource-CONNECTING">CONNECTING</code>,
- <span>fetch</span> the event source resource again from the same
- <span>origin</span> as the original request triggered by the <code
- title="dom-EventSource">EventSource()</code> constructor.</p>
+ title="dom-EventSource-CONNECTING">CONNECTING</code>, once again do
+ a <span>potentially CORS-enabled fetch</span> of the <span>absolute
+ URL</span> of the event source resource, with the <i>mode</i> being
+ <span title="attr-crossorigin-use-credentials">Use
+ Credentials</span>, and the <i>origin</i> being the same as the
+ <span>origin</span> used in the original request triggered by the
+ <code title="dom-EventSource">EventSource()</code> constructor<!--,
+ and the <i>default origin behaviour</i> set to <i>fail</i> (though
+ it has no effect in the "Use Credentials" mode)-->, and process the
+ resource obtained in this fashion, if any, as described in this
+ section.</p>
<p>When a user agent is to <dfn>fail the connection</dfn>, the user
agent must set the <code