Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Request's mode incorrectly documented #35488

Closed
annevk opened this issue Aug 16, 2024 · 4 comments · Fixed by #36476
Closed

Request's mode incorrectly documented #35488

annevk opened this issue Aug 16, 2024 · 4 comments · Fixed by #36476
Labels
area: Fetch/XMLHttpRequest Content:Glossary Glossary entries Content:WebAPI Web API docs help wanted If you know something about this topic, we would love your help!

Comments

@annevk
Copy link
Contributor

annevk commented Aug 16, 2024

In https://developer.mozilla.org/en-US/docs/Web/API/Request/mode it states

Prevents the method from being anything other than HEAD, GET or POST, and the headers from being anything other than CORS-safelisted request headers.

However, that is incorrect. The only no-CORS headers that are safelisted are here: https://fetch.spec.whatwg.org/#no-cors-safelisted-request-header-name. And that's a subset of the CORS-safelisted requested headers.

This probably came to be when the Range header was added for CORS.

Context: whatwg/fetch#1310 (comment). Credit: @anson0370.
@github-actions github-actions bot added Content:Glossary Glossary entries Content:WebAPI Web API docs needs triage Triage needed by staff and/or partners. Automatically applied when an issue is opened. and removed Content:WebAPI Web API docs Content:Glossary Glossary entries labels Aug 16, 2024
@annevk annevk mentioned this issue Aug 16, 2024
Closed
@Josh-Cena Josh-Cena added help wanted If you know something about this topic, we would love your help! Content:WebAPI Web API docs Content:Glossary Glossary entries area: Fetch/XMLHttpRequest and removed needs triage Triage needed by staff and/or partners. Automatically applied when an issue is opened. labels Aug 16, 2024
@joeyparrish joeyparrish mentioned this issue Aug 16, 2024
Open
@wbamberg wbamberg mentioned this issue Oct 24, 2024
Merged
@wbamberg
Copy link
Collaborator

Am I right in thinking that https://github.com/whatwg/fetch/blob/1dc1b034b208faf6652dced19954f67717da9ba1/review-drafts/2024-06.bs#L1985-L1988 also ought to be updated?

"no-cors"

Restricts requests to using CORS-safelisted methods and CORS-safelisted request-headers. Upon success, fetch will return an opaque filtered response.

@sideshowbarker
Copy link
Member

sideshowbarker commented Oct 25, 2024
edited
Loading

Am I right in thinking that whatwg/fetch@1dc1b03/review-drafts/2024-06.bs#L1985-L1988 also ought to be updated?

No, that’s the request’s “credentials mode” https://fetch.spec.whatwg.org/#concept-request-credentials-mode, right?

Whereas, no-cors is a value for the request’s “mode” https://fetch.spec.whatwg.org/#concept-request-mode

@wbamberg
Copy link
Collaborator

no-cors is a value for the request’s “mode” https://fetch.spec.whatwg.org/#concept-request-mode

That's the bit I quoted (the green note):

Screen Shot 2024-10-25 at 9 46 45 AM

Am I misreading it?

@sideshowbarker
Copy link
Member

no-cors is a value for the request’s “mode” fetch.spec.whatwg.org#concept-request-mode

That's the bit I quoted (the green note):

Am I misreading it?

You’re not misreading — I just misread your earlier comment…

So yeah, you’re right — that note should be updated

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area: Fetch/XMLHttpRequest Content:Glossary Glossary entries Content:WebAPI Web API docs help wanted If you know something about this topic, we would love your help!
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Improve documentation for no-cors mode wbamberg/content
4 participants
@sideshowbarker @wbamberg @annevk @Josh-Cena