In order to block potential data leaks through prefetch requests, it was decided [1] that a `prefetch-src`CSP directive would be added and control such requests, and that prefetch requests would have their own `Request.initiator` and an empty string destination[2]. [1] https://github.com/w3c/webappsec-csp/issues/107 [2] https://github.com/whatwg/fetch/pull/659 Tests: http://w3c-test.org/content-security-policy/prefetch-src/
<rdar://problem/39821187>
Pull request: https://github.com/WebKit/WebKit/pull/5360
Committed 255653@main (b632f9d274f3): <https://commits.webkit.org/255653@main> Reviewed commits have been landed. Closing PR #5360 and removing active labels.