LibWeb: Add definitions from '2.2.5 Requests' in the Fetch spec

4 files changed, 671 insertions, 0 deletions

diff --git a/Userland/Libraries/LibWeb/CMakeLists.txt b/Userland/Libraries/LibWeb/CMakeLists.txt
index ba70de299e..21f1e062dc 100644
--- a/Userland/Libraries/LibWeb/CMakeLists.txt
+++ b/Userland/Libraries/LibWeb/CMakeLists.txt
@@ -122,6 +122,7 @@ set(SOURCES
     Fetch/Infrastructure/HTTP/Bodies.cpp
     Fetch/Infrastructure/HTTP/Headers.cpp
     Fetch/Infrastructure/HTTP/Methods.cpp
+    Fetch/Infrastructure/HTTP/Requests.cpp
     Fetch/Infrastructure/HTTP/Statuses.cpp
     FontCache.cpp
     Geometry/DOMRectList.cpp
diff --git a/Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.cpp b/Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.cpp
new file mode 100644
index 0000000000..bd53ad510e
--- /dev/null
+++ b/Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.cpp
@@ -0,0 +1,230 @@
+/*
+ * Copyright (c) 2022, Linus Groh <linusg@serenityos.org>
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#include <AK/Array.h>
+#include <LibWeb/Fetch/Infrastructure/HTTP/Requests.h>
+
+namespace Web::Fetch {
+
+// https://fetch.spec.whatwg.org/#concept-request-url
+AK::URL const& Request::url() const
+{
+    // A request has an associated URL (a URL).
+    // NOTE: Implementations are encouraged to make this a pointer to the first URL in request’s URL list. It is provided as a distinct field solely for the convenience of other standards hooking into Fetch.
+    VERIFY(!m_url_list.is_empty());
+    return m_url_list.first();
+}
+
+// https://fetch.spec.whatwg.org/#concept-request-current-url
+AK::URL const& Request::current_url()
+{
+    // A request has an associated current URL. It is a pointer to the last URL in request’s URL list.
+    VERIFY(!m_url_list.is_empty());
+    return m_url_list.last();
+}
+
+void Request::set_url(AK::URL url)
+{
+    // Sometimes setting the URL and URL list are done as two distinct steps in the spec,
+    // but since we know the URL is always the URL list's first item and doesn't change later
+    // on, we can combine them.
+    VERIFY(m_url_list.is_empty());
+    m_url_list.append(move(url));
+}
+
+// https://fetch.spec.whatwg.org/#request-destination-script-like
+bool Request::destination_is_script_like() const
+{
+    // A request’s destination is script-like if it is "audioworklet", "paintworklet", "script", "serviceworker", "sharedworker", or "worker".
+    static constexpr Array script_like_destinations = {
+        Destination::AudioWorklet,
+        Destination::PaintWorklet,
+        Destination::Script,
+        Destination::ServiceWorker,
+        Destination::SharedWorker,
+        Destination::Worker,
+    };
+    return any_of(script_like_destinations, [this](auto destination) {
+        return m_destination == destination;
+    });
+}
+
+// https://fetch.spec.whatwg.org/#subresource-request
+bool Request::is_subresource_request() const
+{
+    // A subresource request is a request whose destination is "audio", "audioworklet", "font", "image", "manifest", "paintworklet", "script", "style", "track", "video", "xslt", or the empty string.
+    static constexpr Array subresource_request_destinations = {
+        Destination::Audio,
+        Destination::AudioWorklet,
+        Destination::Font,
+        Destination::Image,
+        Destination::Manifest,
+        Destination::PaintWorklet,
+        Destination::Script,
+        Destination::Style,
+        Destination::Track,
+        Destination::Video,
+        Destination::XSLT,
+    };
+    return any_of(subresource_request_destinations, [this](auto destination) {
+        return m_destination == destination;
+    }) || !m_destination.has_value();
+}
+
+// https://fetch.spec.whatwg.org/#non-subresource-request
+bool Request::is_non_subresource_request() const
+{
+    // A non-subresource request is a request whose destination is "document", "embed", "frame", "iframe", "object", "report", "serviceworker", "sharedworker", or "worker".
+    static constexpr Array non_subresource_request_destinations = {
+        Destination::Document,
+        Destination::Embed,
+        Destination::Frame,
+        Destination::IFrame,
+        Destination::Object,
+        Destination::Report,
+        Destination::ServiceWorker,
+        Destination::SharedWorker,
+        Destination::Worker,
+    };
+    return any_of(non_subresource_request_destinations, [this](auto destination) {
+        return m_destination == destination;
+    });
+}
+
+// https://fetch.spec.whatwg.org/#navigation-request
+bool Request::is_navigation_request() const
+{
+    // A navigation request is a request whose destination is "document", "embed", "frame", "iframe", or "object".
+    static constexpr Array navigation_request_destinations = {
+        Destination::Document,
+        Destination::Embed,
+        Destination::Frame,
+        Destination::IFrame,
+        Destination::Object,
+    };
+    return any_of(navigation_request_destinations, [this](auto destination) {
+        return m_destination == destination;
+    });
+}
+
+// https://fetch.spec.whatwg.org/#concept-request-tainted-origin
+bool Request::has_redirect_tainted_origin() const
+{
+    // A request request has a redirect-tainted origin if these steps return true:
+
+    // 1. Let lastURL be null.
+    Optional<AK::URL const&> last_url;
+
+    // 2. For each url in request’s URL list:
+    for (auto const& url : m_url_list) {
+        // 1. If lastURL is null, then set lastURL to url and continue.
+        if (!last_url.has_value()) {
+            last_url = url;
+            continue;
+        }
+
+        // 2. If url’s origin is not same origin with lastURL’s origin and request’s origin is not same origin with lastURL’s origin, then return true.
+        // FIXME: Actually use the given origins once we have https://url.spec.whatwg.org/#concept-url-origin.
+        if (!HTML::Origin().is_same_origin(HTML::Origin()) && HTML::Origin().is_same_origin(HTML::Origin()))
+            return true;
+
+        // 3. Set lastURL to url.
+        last_url = url;
+    }
+
+    // 3. Return false.
+    return false;
+}
+
+// https://fetch.spec.whatwg.org/#serializing-a-request-origin
+String Request::serialize_origin() const
+{
+    // 1. If request has a redirect-tainted origin, then return "null".
+    if (has_redirect_tainted_origin())
+        return "null"sv;
+
+    // 2. Return request’s origin, serialized.
+    return m_origin.get<HTML::Origin>().serialize();
+}
+
+// https://fetch.spec.whatwg.org/#byte-serializing-a-request-origin
+ErrorOr<ByteBuffer> Request::byte_serialize_origin() const
+{
+    // Byte-serializing a request origin, given a request request, is to return the result of serializing a request origin with request, isomorphic encoded.
+    return ByteBuffer::copy(serialize_origin().bytes());
+}
+
+// https://fetch.spec.whatwg.org/#concept-request-clone
+Request Request::clone() const
+{
+    // To clone a request request, run these steps:
+
+    // 1. Let newRequest be a copy of request, except for its body.
+    BodyType body;
+    swap(body, const_cast<BodyType&>(m_body));
+    auto new_request = *this;
+    swap(body, const_cast<BodyType&>(m_body));
+
+    // FIXME: 2. If request’s body is non-null, set newRequest’s body to the result of cloning request’s body.
+
+    // 3. Return newRequest.
+    return new_request;
+}
+
+// https://fetch.spec.whatwg.org/#concept-request-add-range-header
+ErrorOr<void> Request::add_range_reader(u64 first, Optional<u64> const& last)
+{
+    // To add a range header to a request request, with an integer first, and an optional integer last, run these steps:
+
+    // 1. Assert: last is not given, or first is less than or equal to last.
+    VERIFY(!last.has_value() || first <= last.value());
+
+    // 2. Let rangeValue be `bytes=`.
+    auto range_value = TRY(ByteBuffer::copy("bytes"sv.bytes()));
+
+    // 3. Serialize and isomorphic encode first, and append the result to rangeValue.
+    TRY(range_value.try_append(String::number(first).bytes()));
+
+    // 4. Append 0x2D (-) to rangeValue.
+    TRY(range_value.try_append('-'));
+
+    // 5. If last is given, then serialize and isomorphic encode it, and append the result to rangeValue.
+    if (last.has_value())
+        TRY(range_value.try_append(String::number(*last).bytes()));
+
+    // 6. Append (`Range`, rangeValue) to request’s header list.
+    auto header = Header {
+        .name = TRY(ByteBuffer::copy("Range"sv.bytes())),
+        .value = move(range_value),
+    };
+    TRY(m_header_list.append(move(header)));
+
+    return {};
+}
+
+// https://fetch.spec.whatwg.org/#cross-origin-embedder-policy-allows-credentials
+bool Request::cross_origin_embedder_policy_allows_credentials() const
+{
+    // 1. If request’s mode is not "no-cors", then return true.
+    if (m_mode != Mode::NoCORS)
+        return true;
+
+    // 2. If request’s client is null, then return true.
+    if (m_client == nullptr)
+        return true;
+
+    // FIXME: 3. If request’s client’s policy container’s embedder policy’s value is not "credentialless", then return true.
+
+    // 4. If request’s origin is same origin with request’s current URL’s origin and request does not have a redirect-tainted origin, then return true.
+    // FIXME: Actually use the given origins once we have https://url.spec.whatwg.org/#concept-url-origin.
+    if (HTML::Origin().is_same_origin(HTML::Origin()) && !has_redirect_tainted_origin())
+        return true;
+
+    // 5. Return false.
+    return false;
+}
+
+}
diff --git a/Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.h b/Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.h
new file mode 100644
index 0000000000..16f1b5873e
--- /dev/null
+++ b/Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.h
@@ -0,0 +1,439 @@
+/*
+ * Copyright (c) 2022, Linus Groh <linusg@serenityos.org>
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#pragma once
+
+#include <AK/ByteBuffer.h>
+#include <AK/Error.h>
+#include <AK/Forward.h>
+#include <AK/Optional.h>
+#include <AK/String.h>
+#include <AK/URL.h>
+#include <AK/Variant.h>
+#include <AK/Vector.h>
+#include <LibWeb/Fetch/Infrastructure/HTTP/Bodies.h>
+#include <LibWeb/Fetch/Infrastructure/HTTP/Headers.h>
+#include <LibWeb/HTML/Origin.h>
+#include <LibWeb/HTML/PolicyContainers.h>
+#include <LibWeb/HTML/Scripting/Environments.h>
+
+namespace Web::Fetch {
+
+// https://fetch.spec.whatwg.org/#concept-request
+class Request final {
+public:
+    enum class CacheMode {
+        Default,
+        NoStore,
+        Reload,
+        NoCache,
+        ForceCache,
+        OnlyIfCached,
+    };
+
+    enum class CredentialsMode {
+        Omit,
+        SameOrigin,
+        Include,
+    };
+
+    enum class Destination {
+        Audio,
+        AudioWorklet,
+        Document,
+        Embed,
+        Font,
+        Frame,
+        IFrame,
+        Image,
+        Manifest,
+        Object,
+        PaintWorklet,
+        Report,
+        Script,
+        ServiceWorker,
+        SharedWorker,
+        Style,
+        Track,
+        Video,
+        Worker,
+        XSLT,
+    };
+
+    enum class Initiator {
+        Download,
+        ImageSet,
+        Manifest,
+        Prefetch,
+        Prerender,
+        XSLT,
+    };
+
+    enum class InitiatorType {
+        Audio,
+        Beacon,
+        Body,
+        CSS,
+        EarlyHint,
+        Embed,
+        Fetch,
+        Font,
+        Frame,
+        IFrame,
+        Image,
+        IMG,
+        Input,
+        Link,
+        Object,
+        Ping,
+        Script,
+        Track,
+        Video,
+        XMLHttpRequest,
+        Other,
+    };
+
+    enum class Mode {
+        SameOrigin,
+        CORS,
+        NoCORS,
+        Navigate,
+        WebSocket,
+    };
+
+    enum class Origin {
+        Client,
+    };
+
+    enum class ParserMetadata {
+        ParserInserted,
+        NotParserInserted,
+    };
+
+    enum class PolicyContainer {
+        Client,
+    };
+
+    enum class RedirectMode {
+        Follow,
+        Error,
+        Manual,
+    };
+
+    enum class Referrer {
+        NoReferrer,
+        Client,
+    };
+
+    enum class ResponseTainting {
+        Basic,
+        CORS,
+        Opaque,
+    };
+
+    enum class ServiceWorkersMode {
+        All,
+        None,
+    };
+
+    enum class Window {
+        NoWindow,
+        Client,
+    };
+
+    // Members are implementation-defined
+    struct Priority { };
+
+    using BodyType = Variant<Empty, ByteBuffer, Body>;
+    using OriginType = Variant<Origin, HTML::Origin>;
+    using PolicyContainerType = Variant<PolicyContainer, HTML::PolicyContainer>;
+    using ReferrerType = Variant<Referrer, AK::URL>;
+    using ReservedClientType = Variant<Empty, HTML::Environment*, HTML::EnvironmentSettingsObject*>;
+    using WindowType = Variant<Window, HTML::EnvironmentSettingsObject*>;
+
+    Request() = default;
+
+    [[nodiscard]] ReadonlyBytes method() { return m_method; }
+    void set_method(ByteBuffer method) { m_method = move(method); }
+
+    [[nodiscard]] bool local_urls_only() const { return m_local_urls_only; }
+    void set_local_urls_only(bool local_urls_only) { m_local_urls_only = local_urls_only; }
+
+    [[nodiscard]] HeaderList const& header_list() const { return m_header_list; }
+    [[nodiscard]] HeaderList& header_list() { return m_header_list; }
+    void set_header_list(HeaderList header_list) { m_header_list = move(header_list); }
+
+    [[nodiscard]] bool unsafe_request() const { return m_unsafe_request; }
+    void set_unsafe_request(bool unsafe_request) { m_unsafe_request = unsafe_request; }
+
+    [[nodiscard]] BodyType const& body() const { return m_body; }
+    [[nodiscard]] BodyType& body() { return m_body; }
+    void set_body(BodyType body) { m_body = move(body); }
+
+    [[nodiscard]] HTML::EnvironmentSettingsObject const* client() const { return m_client; }
+    [[nodiscard]] HTML::EnvironmentSettingsObject* client() { return m_client; }
+    void set_client(HTML::EnvironmentSettingsObject& client) { m_client = &client; }
+
+    [[nodiscard]] ReservedClientType const& reserved_client() const { return m_reserved_client; }
+    [[nodiscard]] ReservedClientType& reserved_client() { return m_reserved_client; }
+    void set_reserved_client(ReservedClientType reserved_client) { m_reserved_client = move(reserved_client); }
+
+    [[nodiscard]] String const& replaces_client_id() const { return m_replaces_client_id; }
+    void set_replaces_client_id(String replaces_client_id) { m_replaces_client_id = move(replaces_client_id); }
+
+    [[nodiscard]] WindowType const& window() const { return m_window; }
+    void set_window(WindowType window) { m_window = move(window); }
+
+    [[nodiscard]] bool keepalive() const { return m_keepalive; }
+    void set_keepalive(bool keepalive) { m_keepalive = keepalive; }
+
+    [[nodiscard]] Optional<InitiatorType> const& initiator_type() const { return m_initiator_type; }
+    void set_initiator_type(Optional<InitiatorType> initiator_type) { m_initiator_type = move(initiator_type); }
+
+    [[nodiscard]] ServiceWorkersMode service_workers_mode() { return m_service_workers_mode; }
+    void set_service_workers_mode(ServiceWorkersMode service_workers_mode) { m_service_workers_mode = service_workers_mode; }
+
+    [[nodiscard]] Optional<Initiator> const& initiator() const { return m_initiator; }
+    void set_initiator(Optional<Initiator> initiator) { m_initiator = move(initiator); }
+
+    [[nodiscard]] Optional<Destination> const& destination() const { return m_destination; }
+    void set_destination(Optional<Destination> destination) { m_destination = move(destination); }
+
+    [[nodiscard]] Optional<Priority> const& priority() const { return m_priority; }
+    void set_priority(Optional<Priority> priority) { m_priority = move(priority); }
+
+    [[nodiscard]] OriginType const& origin() const { return m_origin; }
+    void set_origin(OriginType origin) { m_origin = move(origin); }
+
+    [[nodiscard]] Mode mode() const { return m_mode; }
+    void set_mode(Mode mode) { m_mode = mode; }
+
+    [[nodiscard]] bool use_cors_preflight() const { return m_use_cors_preflight; }
+    void set_use_cors_preflight(bool use_cors_preflight) { m_use_cors_preflight = use_cors_preflight; }
+
+    [[nodiscard]] CredentialsMode credentials_mode() const { return m_credentials_mode; }
+    void set_credentials_mode(CredentialsMode credentials_mode) { m_credentials_mode = credentials_mode; }
+
+    [[nodiscard]] bool use_url_credentials() const { return m_use_url_credentials; }
+    void set_use_url_credentials(bool use_url_credentials) { m_use_url_credentials = use_url_credentials; }
+
+    [[nodiscard]] CacheMode cache_mode() const { return m_cache_mode; }
+    void set_cache_mode(CacheMode cache_mode) { m_cache_mode = cache_mode; }
+
+    [[nodiscard]] RedirectMode redirect_mode() const { return m_redirect_mode; }
+    void set_redirect_mode(RedirectMode redirect_mode) { m_redirect_mode = redirect_mode; }
+
+    [[nodiscard]] String const& integrity_metadata() const { return m_integrity_metadata; }
+    void set_integrity_metadata(String integrity_metadata) { m_integrity_metadata = move(integrity_metadata); }
+
+    [[nodiscard]] String const& cryptographic_nonce_metadata() const { return m_cryptographic_nonce_metadata; }
+    void set_cryptographic_nonce_metadata(String cryptographic_nonce_metadata) { m_cryptographic_nonce_metadata = move(cryptographic_nonce_metadata); }
+
+    [[nodiscard]] Optional<ParserMetadata> const& parser_metadata() const { return m_parser_metadata; }
+    void set_parser_metadata(Optional<ParserMetadata> parser_metadata) { m_parser_metadata = move(parser_metadata); }
+
+    [[nodiscard]] bool reload_navigation() const { return m_reload_navigation; }
+    void set_reload_navigation(bool reload_navigation) { m_reload_navigation = reload_navigation; }
+
+    [[nodiscard]] bool history_navigation() const { return m_history_navigation; }
+    void set_history_navigation(bool history_navigation) { m_history_navigation = history_navigation; }
+
+    [[nodiscard]] bool user_activation() const { return m_user_activation; }
+    void set_user_activation(bool user_activation) { m_user_activation = user_activation; }
+
+    [[nodiscard]] bool render_blocking() const { return m_render_blocking; }
+    void set_render_blocking(bool render_blocking) { m_render_blocking = render_blocking; }
+
+    [[nodiscard]] Vector<AK::URL> const& url_list() const { return m_url_list; }
+    [[nodiscard]] Vector<AK::URL>& url_list() { return m_url_list; }
+    void set_url_list(Vector<AK::URL> url_list) { m_url_list = move(url_list); }
+
+    [[nodiscard]] u8 redirect_count() const { return m_redirect_count; }
+    void set_redirect_count(u8 redirect_count) { m_redirect_count = redirect_count; }
+
+    [[nodiscard]] ResponseTainting response_tainting() const { return m_response_tainting; }
+    void set_response_tainting(ResponseTainting response_tainting) { m_response_tainting = response_tainting; }
+
+    [[nodiscard]] bool prevent_no_cache_cache_control_header_modification() const { return m_prevent_no_cache_cache_control_header_modification; }
+    void set_prevent_no_cache_cache_control_header_modification(bool prevent_no_cache_cache_control_header_modification) { m_prevent_no_cache_cache_control_header_modification = prevent_no_cache_cache_control_header_modification; }
+
+    [[nodiscard]] bool done() const { return m_done; }
+    void set_done(bool done) { m_done = done; }
+
+    [[nodiscard]] bool timing_allow_failed() const { return m_timing_allow_failed; }
+    void set_timing_allow_failed(bool timing_allow_failed) { m_timing_allow_failed = timing_allow_failed; }
+
+    [[nodiscard]] AK::URL const& url() const;
+    [[nodiscard]] AK::URL const& current_url();
+    void set_url(AK::URL url);
+
+    [[nodiscard]] bool destination_is_script_like() const;
+
+    [[nodiscard]] bool is_subresource_request() const;
+    [[nodiscard]] bool is_non_subresource_request() const;
+    [[nodiscard]] bool is_navigation_request() const;
+
+    [[nodiscard]] bool has_redirect_tainted_origin() const;
+
+    [[nodiscard]] String serialize_origin() const;
+    [[nodiscard]] ErrorOr<ByteBuffer> byte_serialize_origin() const;
+
+    [[nodiscard]] Request clone() const;
+
+    [[nodiscard]] ErrorOr<void> add_range_reader(u64 first, Optional<u64> const& last);
+
+    [[nodiscard]] bool cross_origin_embedder_policy_allows_credentials() const;
+
+private:
+    // https://fetch.spec.whatwg.org/#concept-request-method
+    // A request has an associated method (a method). Unless stated otherwise it is `GET`.
+    ByteBuffer m_method;
+
+    // https://fetch.spec.whatwg.org/#local-urls-only-flag
+    // A request has an associated local-URLs-only flag. Unless stated otherwise it is unset.
+    bool m_local_urls_only { false };
+
+    // https://fetch.spec.whatwg.org/#concept-request-header-list
+    // A request has an associated header list (a header list). Unless stated otherwise it is empty.
+    HeaderList m_header_list;
+
+    // https://fetch.spec.whatwg.org/#unsafe-request-flag
+    // A request has an associated unsafe-request flag. Unless stated otherwise it is unset.
+    bool m_unsafe_request { false };
+
+    // https://fetch.spec.whatwg.org/#concept-request-body
+    // A request has an associated body (null, a byte sequence, or a body). Unless stated otherwise it is null.
+    BodyType m_body;
+
+    // https://fetch.spec.whatwg.org/#concept-request-client
+    // A request has an associated client (null or an environment settings object).
+    HTML::EnvironmentSettingsObject* m_client { nullptr };
+
+    // https://fetch.spec.whatwg.org/#concept-request-reserved-client
+    // A request has an associated reserved client (null, an environment, or an environment settings object). Unless stated otherwise it is null.
+    ReservedClientType m_reserved_client;
+
+    // https://fetch.spec.whatwg.org/#concept-request-replaces-client-id
+    // A request has an associated replaces client id (a string). Unless stated otherwise it is the empty string.
+    String m_replaces_client_id { String::empty() };
+
+    // https://fetch.spec.whatwg.org/#concept-request-window
+    // A request has an associated window ("no-window", "client", or an environment settings object whose global object is a Window object). Unless stated otherwise it is "client".
+    WindowType m_window { Window::Client };
+
+    // https://fetch.spec.whatwg.org/#request-keepalive-flag
+    // A request has an associated boolean keepalive. Unless stated otherwise it is false.
+    bool m_keepalive { false };
+
+    // https://fetch.spec.whatwg.org/#request-initiator-type
+    // A request has an associated initiator type, which is null, "audio", "beacon", "body", "css", "early-hint", "embed", "fetch", "font", "frame", "iframe", "image", "img", "input", "link", "object", "ping", "script", "track", "video", "xmlhttprequest", or "other". Unless stated otherwise it is null. [RESOURCE-TIMING]
+    Optional<InitiatorType> m_initiator_type;
+
+    // https://fetch.spec.whatwg.org/#request-service-workers-mode
+    // A request has an associated service-workers mode, that is "all" or "none". Unless stated otherwise it is "all".
+    ServiceWorkersMode m_service_workers_mode { ServiceWorkersMode::All };
+
+    // https://fetch.spec.whatwg.org/#concept-request-initiator
+    // A request has an associated initiator, which is the empty string, "download", "imageset", "manifest", "prefetch", "prerender", or "xslt". Unless stated otherwise it is the empty string.
+    Optional<Initiator> m_initiator;
+
+    // https://fetch.spec.whatwg.org/#concept-request-destination
+    // A request has an associated destination, which is the empty string, "audio", "audioworklet", "document", "embed", "font", "frame", "iframe", "image", "manifest", "object", "paintworklet", "report", "script", "serviceworker", "sharedworker", "style", "track", "video", "worker", or "xslt". Unless stated otherwise it is the empty string.
+    Optional<Destination> m_destination;
+
+    // https://fetch.spec.whatwg.org/#concept-request-priority
+    // A request has an associated priority (null or a user-agent-defined object). Unless otherwise stated it is null.
+    Optional<Priority> m_priority;
+
+    // https://fetch.spec.whatwg.org/#concept-request-origin
+    // A request has an associated origin, which is "client" or an origin. Unless stated otherwise it is "client".
+    OriginType m_origin { Origin::Client };
+
+    // https://fetch.spec.whatwg.org/#concept-request-policy-container
+    // A request has an associated policy container, which is "client" or a policy container. Unless stated otherwise it is "client".
+    PolicyContainerType m_policy_container { PolicyContainer::Client };
+
+    // https://fetch.spec.whatwg.org/#concept-request-referrer
+    // A request has an associated referrer, which is "no-referrer", "client", or a URL. Unless stated otherwise it is "client".
+    ReferrerType m_referrer { Referrer::Client };
+
+    // https://fetch.spec.whatwg.org/#concept-request-referrer-policy
+    // FIXME: A request has an associated referrer policy, which is a referrer policy. Unless stated otherwise it is the empty string.
+
+    // https://fetch.spec.whatwg.org/#concept-request-mode
+    // A request has an associated mode, which is "same-origin", "cors", "no-cors", "navigate", or "websocket". Unless stated otherwise, it is "no-cors".
+    Mode m_mode { Mode::NoCORS };
+
+    // https://fetch.spec.whatwg.org/#use-cors-preflight-flag
+    // A request has an associated use-CORS-preflight flag. Unless stated otherwise, it is unset.
+    bool m_use_cors_preflight { false };
+
+    // https://fetch.spec.whatwg.org/#concept-request-credentials-mode
+    // A request has an associated credentials mode, which is "omit", "same-origin", or "include". Unless stated otherwise, it is "same-origin".
+    CredentialsMode m_credentials_mode { CredentialsMode::SameOrigin };
+
+    // https://fetch.spec.whatwg.org/#concept-request-use-url-credentials-flag
+    // A request has an associated use-URL-credentials flag. Unless stated otherwise, it is unset.
+    bool m_use_url_credentials { false };
+
+    // https://fetch.spec.whatwg.org/#concept-request-cache-mode
+    // A request has an associated cache mode, which is "default", "no-store", "reload", "no-cache", "force-cache", or "only-if-cached". Unless stated otherwise, it is "default".
+    CacheMode m_cache_mode { CacheMode::Default };
+
+    // A request has an associated redirect mode, which is "follow", "error", or "manual". Unless stated otherwise, it is "follow".
+    RedirectMode m_redirect_mode { RedirectMode::Follow };
+
+    // A request has associated integrity metadata (a string). Unless stated otherwise, it is the empty string.
+    String m_integrity_metadata { String::empty() };
+
+    // A request has associated cryptographic nonce metadata (a string). Unless stated otherwise, it is the empty string.
+    String m_cryptographic_nonce_metadata { String::empty() };
+
+    // A request has associated parser metadata which is the empty string, "parser-inserted", or "not-parser-inserted". Unless otherwise stated, it is the empty string.
+    Optional<ParserMetadata> m_parser_metadata;
+
+    // A request has an associated reload-navigation flag. Unless stated otherwise, it is unset.
+    bool m_reload_navigation { false };
+
+    // https://fetch.spec.whatwg.org/#concept-request-history-navigation-flag
+    // A request has an associated history-navigation flag. Unless stated otherwise, it is unset.
+    bool m_history_navigation { false };
+
+    // https://fetch.spec.whatwg.org/#request-user-activation
+    // A request has an associated boolean user-activation. Unless stated otherwise, it is false.
+    bool m_user_activation { false };
+
+    // https://fetch.spec.whatwg.org/#request-render-blocking
+    // A request has an associated boolean render-blocking. Unless stated otherwise, it is false.
+    bool m_render_blocking { false };
+
+    // https://fetch.spec.whatwg.org/#concept-request-url-list
+    // A request has an associated URL list (a list of one or more URLs). Unless stated otherwise, it is a list containing a copy of request’s URL.
+    Vector<AK::URL> m_url_list;
+
+    // https://fetch.spec.whatwg.org/#concept-request-redirect-count
+    // A request has an associated redirect count. Unless stated otherwise, it is zero.
+    // NOTE: '4.4. HTTP-redirect fetch' infers a limit of 20.
+    u8 m_redirect_count { 0 };
+
+    // https://fetch.spec.whatwg.org/#concept-request-response-tainting
+    // A request has an associated response tainting, which is "basic", "cors", or "opaque". Unless stated otherwise, it is "basic".
+    ResponseTainting m_response_tainting { ResponseTainting::Basic };
+
+    // https://fetch.spec.whatwg.org/#no-cache-prevent-cache-control
+    // A request has an associated prevent no-cache cache-control header modification flag. Unless stated otherwise, it is unset.
+    bool m_prevent_no_cache_cache_control_header_modification { false };
+
+    // https://fetch.spec.whatwg.org/#done-flag
+    // A request has an associated done flag. Unless stated otherwise, it is unset.
+    bool m_done { false };
+
+    // https://fetch.spec.whatwg.org/#timing-allow-failed
+    // A request has an associated timing allow failed flag. Unless stated otherwise, it is unset.
+    bool m_timing_allow_failed { false };
+};
+
+}
diff --git a/Userland/Libraries/LibWeb/Forward.h b/Userland/Libraries/LibWeb/Forward.h
index 3fdd3f4d73..98b5cc2227 100644
--- a/Userland/Libraries/LibWeb/Forward.h
+++ b/Userland/Libraries/LibWeb/Forward.h
@@ -173,6 +173,7 @@ namespace Web::Fetch {
 class Body;
 struct Header;
 class HeaderList;
+class Request;
 }
 
 namespace Web::Geometry {