diff --git a/fetch.bs b/fetch.bs index e3bef0878..f1963a17b 100644 --- a/fetch.bs +++ b/fetch.bs @@ -2230,6 +2230,8 @@ or "object". return true:
    +
  1. Assert: request's origin is not "client". +
  2. Let lastURL be null.

  3. @@ -2255,6 +2257,8 @@ return true: run these steps:
      +
    1. Assert: request's origin is not "client". +
    2. If request has a redirect-tainted origin, then return "null". @@ -2350,6 +2354,8 @@ source of security bugs. Please seek security review for features that deal with request request, run these steps:

        +
      1. Assert: request's origin is not "client". +
      2. If request's mode is not "no-cors", then return true.

        @@ -3309,6 +3315,8 @@ request header indicates where a given a request request, run these steps:
          +
        1. Assert: request's origin is not "client". +
        2. Let serializedOrigin be the result of byte-serializing a request origin with request. @@ -6632,6 +6640,8 @@ agent's CORS-preflight cache for which there is a cache entry matchresponse, run these steps:

            +
          1. Assert: request's origin is not "client". +
          2. If request's timing allow failed flag is set, then return failure.