- From: Yutaka Hirano <notifications@github.com>
- Date: Thu, 05 Jan 2017 02:51:35 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 5 January 2017 10:52:06 UTC
> Also, didn't we decide that this would require "cors"? Otherwise it seems you can maybe do more careful timing attacks? I don't remember that. Can you point a discussion? no-cors is already timing-attack fragile, though I'm fine with that restriction. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/425#issuecomment-270617026
Received on Thursday, 5 January 2017 10:52:06 UTC