blob: fbc72f30ad77c1d5591fcf359b4e4a7eb0263274 [file] [log] [blame]
<!DOCTYPE html>
<title>Service Workers: Response</title>
<link rel="help" href="">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
`Response` objects are mutable and constructable. They model HTTP responses.
The `fetch()` API returns this type for same-origin responses.
It may be possible to set the `Location` header of a `Response` object to
someplace not in the current origin but this is not a security issue.
Cross-origin response bodies are opaque to script, and since only same-origin
documents will encounter these responses, the only systems the Service Worker
can "lie to" are same-origin (and therefore safe from the perspective of other
test(function() {
// not_implemented();
}, "There are no tests for section Response so far.");