Instead, let the network layer handle all security checks and fail asynchronously. No need to duplicate them. Test: https://github.com/w3c/web-platform-tests/issues/5212.
The code change seems simple but Firefox / Chrome and Safari all throw here.
Will re-evaluate if other browsers actually implement this. But for now, I am not inclined to change our behavior.
(In reply to Chris Dumez from comment #2) > Will re-evaluate if other browsers actually implement this. But for now, I > am not inclined to change our behavior. This seems to add some flexibility in where we could do the checks. If we want to keep checks at WebCore level, this might allow making things more consistent should the network layer add additional port restrictions. This makes sense to me.
This was implemented at some point. We pass the relevant tests.