@@ -2857,16 +2857,13 @@ with a <i>CORS flag</i> and <i>recursive flag</i>, run these steps:
28572857 <var> noCorsResponse</var> .
28582858
28592859 <li>
2860- <p> Set <var> corbSanitizedResponse</var> to a new <a for=/>response</a> whose
2861- <a for=response>status</a> is <var> noCorsResponse</var> 's <a for=response>status</a> ,
2862- <a for=response>HTTPS state</a> is <var> noCorsResponse</var> 's
2863- <a for=response>HTTPS state</a> , and <a for=response>CSP list</a> is
2864- <var> noCorsResponse</var> 's <a for=response>CSP list</a> .
2860+ <p> Return a new <a for=/>response</a> whose <a for=response>status</a> is
2861+ <var> noCorsResponse</var> 's <a for=response>status</a> , <a for=response>HTTPS state</a> is
2862+ <var> noCorsResponse</var> 's <a for=response>HTTPS state</a> , and <a for=response>CSP list</a>
2863+ is <var> noCorsResponse</var> 's <a for=response>CSP list</a> .
28652864
28662865 <p class="warning"> This is only an effective defense against side channel attacks if
28672866 <var> noCorsResponse</var> is kept isolated from the process that initiated the request.
2868-
2869- <li><p> Return <var> corbSanitizedResponse</var> .
28702867 </ol>
28712868
28722869 <dt><var> request</var> 's <a for=request>current url</a>' s
@@ -3500,6 +3497,12 @@ Range Requests</cite>. [[HTTP-RANGE]] However, this is not widely supported by b
35003497<ol>
35013498 <li><p> Let <var> httpRequest</var> be null.
35023499
3500+ <li><p> Let <var> response</var> be null.
3501+
3502+ <li><p> Let <var> storedResponse</var> be null.
3503+
3504+ <li><p> Let the <var> revalidatingFlag</var> be unset.
3505+
35033506 <li>
35043507 <p> Run these steps, but <a>abort when</a> the ongoing fetch is <a for=fetch>terminated</a> :
35053508
@@ -3719,10 +3722,6 @@ Range Requests</cite>. [[HTTP-RANGE]] However, this is not widely supported by b
37193722 <var> httpRequest</var> 's
37203723 <a for=request>credentials mode</a> .
37213724
3722- <li><p> Let <var> response</var> and <var> storedResponse</var> be null.
3723-
3724- <li><p> Let the <var> revalidatingFlag</var> be unset.
3725-
37263725 <li>
37273726 <p> If <var> httpRequest</var> 's <a for=request>cache mode</a> is neither "<code> no-store</code> "
37283727 nor "<code> reload</code> ", then:
@@ -3791,10 +3790,10 @@ Range Requests</cite>. [[HTTP-RANGE]] However, this is not widely supported by b
37913790 <li><p> If <var> httpRequest</var> 's <a for=request>cache mode</a> is
37923791 "<code> only-if-cached</code> ", then return a <a>network error</a> .
37933792
3794- <li><p> Set <var> forwardResponse</var> to the result of making an <a>HTTP-network fetch</a> using
3793+ <li><p> Let <var> forwardResponse</var> be the result of making an <a>HTTP-network fetch</a> using
37953794 <var> httpRequest</var> with <i> credentials flag</i> if set.
37963795
3797- <li><p> If <var> httpRequest</var> 's <var > method</var > is
3796+ <li><p> If <var> httpRequest</var> 's <a for=request >method</a > is
37983797 <a href=https://tools.ietf.org/html/rfc7231#safe.methods>unsafe</a> and
37993798 <var> forwardResponse</var> 's <a for=response>status</a> is in the range <code> 200</code> to
38003799 <code> 399</code> , inclusive, invalidate appropriate stored responses in the HTTP cache, as per
0 commit comments