Re: [whatwg/fetch] Proposal: `Sec-Site` should capture information about the requester of a resource (#700) from Daniel Veditz on 2018-04-16 (public-webapps-github@w3.org from April 2018)

From: Daniel Veditz <notifications@github.com>
Date: Mon, 16 Apr 2018 19:58:03 +0000 (UTC)
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/issues/700/381729564@github.com>

Is there any room in this proposal for including the type of request (corresponding to the "AS script" etc in other specs). If you've got a document URL with params and it's being requested as an IMG  then it's probably an attack of some kind.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/700#issuecomment-381729564

Received on Monday, 16 April 2018 19:58:27 UTC