- From: Devdatta Akhawe <notifications@github.com>
- Date: Wed, 14 Sep 2016 11:57:51 -0700
- To: w3c/ServiceWorker <ServiceWorker@noreply.github.com>
Received on Wednesday, 14 September 2016 18:58:19 UTC
Security hygiene also suggests using POST for many requests that can be GETs to ensure that sensitive data is not in URIs and provide the usual CSRF protections for endpoints (even if they are not state changing. See the cross origin JSON leakage bug.) Thus, moving to service worker becomes a bit more painful since many POSTs are eminently cacheable. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/ServiceWorker/issues/977#issuecomment-247118425
Received on Wednesday, 14 September 2016 18:58:19 UTC