From b6da9304d36f26ed1c385894af7f4bff3a21f1f3 Mon Sep 17 00:00:00 2001
From: Antonio Sartori <antoniosartori@chromium.org>
Date: Thu, 6 May 2021 10:07:41 +0200
Subject: [PATCH 1/4] Add policy container to request

---
 fetch.bs | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/fetch.bs b/fetch.bs
index 30dceaceb..b2f22fd1c 100644
--- a/fetch.bs
+++ b/fetch.bs
@@ -1519,6 +1519,14 @@ user-agent-defined object). Unless otherwise stated it is null.
 <a lt=fetch for=/>fetching</a>. It provides a convenient way for standards to not have to set
 <a for=/>request</a>'s <a for=request>origin</a>.
 
+<p>A <a for=/>request</a> has an associated <dfn export for=request
+id=concept-request-policy-container>policy container</dfn>, which is "<code>client</code>" or a <a
+for=/>policy container</a>. Unless stated otherwise it is "<code>client</code>".
+
+<p class="note no-backref">"<code>client</code>" is changed to a <a for=/>policy container</a>
+during <a lt=fetch for=/>fetching</a>. It provides a convenient way for standards to not have to set
+<a for=/>request</a>'s <a for=request>policy container</a>.
+
 <p>A <a for=/>request</a> has an associated
 <dfn export for=request id=concept-request-referrer>referrer</dfn>, which is
 "<code>no-referrer</code>", "<code>client</code>", or a <a for=/>URL</a>. Unless stated otherwise it
@@ -3659,6 +3667,19 @@ steps:
  <a for=request>current URL</a> is not <a lt="is local">local</a>, then set <var>response</var> to a
  <a>network error</a>.
 
+ <li>
+  <p>If <var>request</var>'s <a for=request>policy container</a> is "<code>client</code>", then:
+
+  <ol>
+   <li><p>If <var>request</var>'s <a for=request>client</a> is non-null, then set
+   <var>request</var>'s <a for=request>policy container</a> to a <a
+   lt="clone a policy container">clone</a> of <var>request</var>'s <a for=request>client</a>'s <a
+   for="environment settings object">policy container</a>. [[!HTML]]
+
+   <li><p>Else, set <var>request</var>'s <a for=request>policy container</a> to a new <a
+   for=/>policy container</a>.
+  </ol>
+
  <li><p>Run <a>report Content Security Policy violations for <var>request</var></a>.
 
  <li><p><a>Upgrade <var>request</var> to a potentially trustworthy URL, if appropriate</a>.

From 7ede7256eb910f0df0d2a2df45bb25f8cd2a16c5 Mon Sep 17 00:00:00 2001
From: Antonio Sartori <antoniosartori@chromium.org>
Date: Thu, 6 May 2021 11:33:03 +0200
Subject: [PATCH 2/4] Fix

---
 fetch.bs | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/fetch.bs b/fetch.bs
index b2f22fd1c..2d1d1873a 100644
--- a/fetch.bs
+++ b/fetch.bs
@@ -1523,9 +1523,9 @@ user-agent-defined object). Unless otherwise stated it is null.
 id=concept-request-policy-container>policy container</dfn>, which is "<code>client</code>" or a <a
 for=/>policy container</a>. Unless stated otherwise it is "<code>client</code>".
 
-<p class="note no-backref">"<code>client</code>" is changed to a <a for=/>policy container</a>
-during <a lt=fetch for=/>fetching</a>. It provides a convenient way for standards to not have to set
-<a for=/>request</a>'s <a for=request>policy container</a>.
+<p class="note">"<code>client</code>" is changed to a <a for=/>policy container</a> during <a
+lt=fetch for=/>fetching</a>. It provides a convenient way for standards to not have to set <a
+for=/>request</a>'s <a for=request>policy container</a>.
 
 <p>A <a for=/>request</a> has an associated
 <dfn export for=request id=concept-request-referrer>referrer</dfn>, which is
@@ -3676,7 +3676,7 @@ steps:
    lt="clone a policy container">clone</a> of <var>request</var>'s <a for=request>client</a>'s <a
    for="environment settings object">policy container</a>. [[!HTML]]
 
-   <li><p>Else, set <var>request</var>'s <a for=request>policy container</a> to a new <a
+   <li><p>Otherwise, set <var>request</var>'s <a for=request>policy container</a> to a new <a
    for=/>policy container</a>.
   </ol>
 

From b54e56da7f3088e57ba1d605d0d003b6bc989271 Mon Sep 17 00:00:00 2001
From: Antonio Sartori <antoniosartori@chromium.org>
Date: Thu, 6 May 2021 13:25:06 +0200
Subject: [PATCH 3/4] Rewrap

---
 fetch.bs | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/fetch.bs b/fetch.bs
index 2d1d1873a..8864e99e6 100644
--- a/fetch.bs
+++ b/fetch.bs
@@ -1519,9 +1519,10 @@ user-agent-defined object). Unless otherwise stated it is null.
 <a lt=fetch for=/>fetching</a>. It provides a convenient way for standards to not have to set
 <a for=/>request</a>'s <a for=request>origin</a>.
 
-<p>A <a for=/>request</a> has an associated <dfn export for=request
-id=concept-request-policy-container>policy container</dfn>, which is "<code>client</code>" or a <a
-for=/>policy container</a>. Unless stated otherwise it is "<code>client</code>".
+<p>A <a for=/>request</a> has an associated
+<dfn export for=request id=concept-request-policy-container>policy container</dfn>, which is
+"<code>client</code>" or a <a for=/>policy container</a>. Unless stated otherwise it is
+"<code>client</code>".
 
 <p class="note">"<code>client</code>" is changed to a <a for=/>policy container</a> during <a
 lt=fetch for=/>fetching</a>. It provides a convenient way for standards to not have to set <a

From 604b99d642edeaa6957a38a88d3c4f3b835c33e5 Mon Sep 17 00:00:00 2001
From: Anne van Kesteren <annevk@annevk.nl>
Date: Mon, 10 May 2021 12:28:29 +0200
Subject: [PATCH 4/4] more rewrapping and move defaulting out of main fetch (no
 need to run the conditional on each redirect)

---
 fetch.bs | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/fetch.bs b/fetch.bs
index 8864e99e6..b4a739e6e 100644
--- a/fetch.bs
+++ b/fetch.bs
@@ -1524,9 +1524,9 @@ user-agent-defined object). Unless otherwise stated it is null.
 "<code>client</code>" or a <a for=/>policy container</a>. Unless stated otherwise it is
 "<code>client</code>".
 
-<p class="note">"<code>client</code>" is changed to a <a for=/>policy container</a> during <a
-lt=fetch for=/>fetching</a>. It provides a convenient way for standards to not have to set <a
-for=/>request</a>'s <a for=request>policy container</a>.
+<p class=note>"<code>client</code>" is changed to a <a for=/>policy container</a> during
+<a lt=fetch for=/>fetching</a>. It provides a convenient way for standards to not have to set
+<a for=/>request</a>'s <a for=request>policy container</a>.
 
 <p>A <a for=/>request</a> has an associated
 <dfn export for=request id=concept-request-referrer>referrer</dfn>, which is
@@ -3596,6 +3596,19 @@ the request.
  <var>request</var>'s <a for=request>origin</a> to  <var>request</var>'s <a for=request>client</a>'s
  <a for="environment settings object">origin</a>.
 
+ <li>
+  <p>If <var>request</var>'s <a for=request>policy container</a> is "<code>client</code>", then:
+
+  <ol>
+   <li><p>If <var>request</var>'s <a for=request>client</a> is non-null, then set
+   <var>request</var>'s <a for=request>policy container</a> to a
+   <a lt="clone a policy container">clone</a> of <var>request</var>'s <a for=request>client</a>'s
+   <a for="environment settings object">policy container</a>. [[!HTML]]
+
+   <li><p>Otherwise, set <var>request</var>'s <a for=request>policy container</a> to a new
+   <a for=/>policy container</a>.
+  </ol>
+
  <li>
   <p>If <var>request</var>'s <a for=request>header list</a>
   <a for="header list">does not contain</a> `<code>Accept</code>`, then:
@@ -3668,19 +3681,6 @@ steps:
  <a for=request>current URL</a> is not <a lt="is local">local</a>, then set <var>response</var> to a
  <a>network error</a>.
 
- <li>
-  <p>If <var>request</var>'s <a for=request>policy container</a> is "<code>client</code>", then:
-
-  <ol>
-   <li><p>If <var>request</var>'s <a for=request>client</a> is non-null, then set
-   <var>request</var>'s <a for=request>policy container</a> to a <a
-   lt="clone a policy container">clone</a> of <var>request</var>'s <a for=request>client</a>'s <a
-   for="environment settings object">policy container</a>. [[!HTML]]
-
-   <li><p>Otherwise, set <var>request</var>'s <a for=request>policy container</a> to a new <a
-   for=/>policy container</a>.
-  </ol>
-
  <li><p>Run <a>report Content Security Policy violations for <var>request</var></a>.
 
  <li><p><a>Upgrade <var>request</var> to a potentially trustworthy URL, if appropriate</a>.