Tainted origin flag applied to Resource Timing

Feature: Tainted origin flag applied to Resource Timing

Accounts for the tainted origin flag when computing whether a fetched resource passes the timing allow origin check. The Timing Allow Origin check is used in Resource Timing to determine whether the page has the right to receive detailed timing information about a resource used in the page. The tainted origin flag impacts this check in cases where there are multiple redirects that cross origins. In those cases, the header should be '*', i.e. can no longer be a specific origin.

Specification

Specification link

Status: Unknown standards status - check spec link for status

Status in Chromium

Blink components: Blink>PerformanceAPIs>ResourceTiming

Implementation status: Enabled by default (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

Firefox: Shipped/Shipping
Safari: No signal
Web Developers: No signals

Owner

npm@chromium.org

Last updated on 2021-12-13