From e1803cc1c977bfeff93e99c977d67a4a60a6c75e Mon Sep 17 00:00:00 2001
From: Noam Rosenthal <noamr@users.noreply.github.com>
Date: Mon, 19 Dec 2022 16:11:31 +0200
Subject: [PATCH] Send `Sec-Purpose: prefetch` for prefetch requests

The purpose headers allows servers to discern between regular requests
and "resource hints" - requests that are only meant to populate
caches.

This replaces the existing `Purpose` and `x-moz: prefetch` headers.

Closes w3c/webappsec-fetch-metadata#84
Part of whatwg/html#8111
---
 fetch.bs | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/fetch.bs b/fetch.bs
index 43a79773a..84e85852c 100644
--- a/fetch.bs
+++ b/fetch.bs
@@ -5313,6 +5313,10 @@ run these steps:
    <li><p><a abstract-op lt="append the Fetch metadata headers for a request">Append the Fetch metadata headers for <var>httpRequest</var></a>.
    [[!FETCH-METADATA]]
 
+   <li><p>If <var>httpRequest</var>'s <a for=request>initiator</a> is "<code>prefetch</code>", then
+   <a for="header list">append</a> (`<code>Sec-Purpose</code>`, "<code>prefetch</code>") to
+   <var>httpRequest</var>'s <a for=request>header list</a>.
+
    <li><p>If <var>httpRequest</var>'s <a for=request>header list</a>
    <a for="header list">does not contain</a> `<code>User-Agent</code>`, then user agents should
    <a for="header list">append</a> (`<code>User-Agent</code>`,