- From: Mike West <notifications@github.com>
- Date: Tue, 24 Jan 2017 01:18:31 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 24 January 2017 09:19:21 UTC
Usage of the 'ftp:' protocol when requesting subresources from non-'ftp:'
clients has slowly declined over the last few years to the point where
it represents a negligable amount of traffic[1]. The protocol does not
support modern requirements, like encryption, and there's interest from
at least one browser vendor in removing support for FTP from their
network stack entirely in general[2].
To that end, this patch alters Fetch to block FTP subresources from
webby clients. That is, a page delivered from `http://example.com/`
will receive a network error response to requests like those generated
from `<img src='ftp://example.com/image.png'>`.
[1]: https://www.chromestatus.com/metrics/feature/timeline/popularity/531
[2]: https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/bIJdwwoQ98U/-F1aL2FgBAAJ
You can view, comment on, or merge this pull request online at:
https://github.com/whatwg/fetch/pull/464
-- Commit Summary --
* Block 'ftp:' requests from non-'ftp:' clients.
-- File Changes --
M fetch.bs (6)
-- Patch Links --
https://github.com/whatwg/fetch/pull/464.patch
https://github.com/whatwg/fetch/pull/464.diff
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/464
Received on Tuesday, 24 January 2017 09:19:21 UTC