- From: Anne van Kesteren <notifications@github.com>
- Date: Tue, 06 Sep 2016 23:47:11 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
Received on Wednesday, 7 September 2016 06:47:39 UTC
@mikewest the specification is largely aligned with Chrome already. That is why it has the flag to make data URLs same-origin in a limited number of contexts. The problem here is that Chrome is not consistent. E.g., not failing the load for `<script crossorigin>` is really weird behavior as the contract for opting into CORS is that either you get same-origin or failure. So it doesn't really help to hand-wave about the exceptions, we need to know them or Chrome needs to remove them. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/381#issuecomment-245190468
Received on Wednesday, 7 September 2016 06:47:39 UTC