From 96b4288e2832af49ab788599b0e7752b659992e7 Mon Sep 17 00:00:00 2001 From: Mustafa Emre Acer Date: Thu, 21 Nov 2024 11:30:14 -0800 Subject: [PATCH] Add custom port and redirect examples, move the upgrade step --- fetch.bs | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/fetch.bs b/fetch.bs index 87b6157d..19217e05 100644 --- a/fetch.bs +++ b/fetch.bs @@ -3410,13 +3410,25 @@ requests, in order to quickly initiate a fallback HTTP fetch. request to http://a.com will be upgraded to https://a.com, but the fetch will fail. A fallback request will be initiated to http://a.com. -

site.test serves -http://site.test but refuses connections on https://site.test. Upon -first request and fallback to http://site.test, the user agent stores the hostname -in an allowlist with an expiration time of 7 days. In a future request, if site.test -is still in this allowlist, the user agent will not upgrade http://site.test to -https://site.test. The user agent will also set the new expiration time of the -allowlist entry for site.test to 7 days from now. +

a.com serves +http://a.com but refuses connections on https://a.com. Upon +first request and fallback to http://a.com, the user agent stores the hostname +in an allowlist with an expiration time of 7 days. In a future request, if a.com +is still in this allowlist, the user agent will not upgrade http://a.com to +https://a.com. The user agent will also set the new expiration time of the +allowlist entry for a.com to 7 days from now. + +

a.com serves +http://a.com:8080. When a site is served from a non-default HTTP port, it's unlikely +that the corresponding HTTPS URL is served from the default port either. Therefore, the user agent +doesn't upgrade requests to http://a.com:8080. + +

a.com serves +http://a.com and https://a.com. The latter redirects to the former. +An eligible request to http://a.com will be upgraded to +https://a.com and will be redirected back to http://a.com. +The user agent will detect this as a redirect loop, treat it as a failed upgrade and initiate a +fallback navigation to http://a.com. @@ -4609,8 +4621,6 @@ steps:

  • Upgrade request to a potentially trustworthy URL, if appropriate. -

  • Optionally, run upgrade an HTTP request algorithm on request. -

  • Upgrade a mixed content request to a potentially trustworthy URL, if appropriate.

  • If should request be blocked due to a bad port, @@ -4660,6 +4670,8 @@ steps: in the fetch algorithm and potentially unwind logic on discovering the need to change request's current URL's scheme. +

  • Optionally, run upgrade an HTTP request algorithm on request. +

  • If recursive is false, then run the remaining steps in parallel.