From ce5d83af46408d691c512d7abec02b87e4bfc690 Mon Sep 17 00:00:00 2001 From: Will Law Date: Wed, 31 Jul 2024 16:42:43 +0200 Subject: [PATCH] Update index.bs --- index.bs | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/index.bs b/index.bs index 7afcb20d..e5902f45 100644 --- a/index.bs +++ b/index.bs @@ -830,9 +830,8 @@ sequence<{{WebTransportHash}}> |serverCertificateHashes|, run these steps. [=environment settings object/policy container=], [=request/destination=] is an empty string, [=request/origin=] is |origin| and [=request/redirect mode=] is "error". -Note: redirects are intentionally not exposed to the application. In cross-origin contexts, this -would reveal information that would normally be blocked by CORS. In same-origin contexts, it -would encourage users to abuse the handshake as a vector for passing information. +Note: Redirects are not followed. Network errors caused by redirection are intentionally indistinguishable from other network errors. In cross-origin contexts, this would reveal information that would normally be blocked +by CORS. In same-origin contexts, it would encourage users to abuse the handshake as a vector for passing information. 1. Run report Content Security Policy violations for |request|. 1. If [=should request be blocked by Content Security Policy?=] with |request| returns
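Review bot: In the rewritten Note, the pronouns "this" (in "In cross-origin contexts, this would reveal information") and "it" (in "In same-origin contexts, it would encourage users") have lost their antecedent. In the removed text they referred to exposing redirects to the application. After the new second sentence they read as referring to redirect errors being indistinguishable from other network errors, which inverts the stated rationale. Suggest naming the subject explicitly, for example "In cross-origin contexts, distinguishing them would reveal information that would normally be blocked by CORS", and likewise for the same-origin sentence. The first added line is also much longer than the surrounding lines and breaks mid-phrase before "by CORS"; rewrapping it would keep the source consistent. Separately, the subject "Update index.bs" does not say what changed. A subject that names the redirect note would make the history easier to search.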