- From: Marijn Kruisselbrink <notifications@github.com>
- Date: Wed, 31 Jan 2018 18:37:21 +0000 (UTC)
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 31 January 2018 18:40:03 UTC
> In a world where we have moved data URLs to opaque origins, do we want to open up cross-origin blob URLs? I don't think so, no. I would be greatly in favor of restricting all cross-origin blob URL loading (which matches what Firefox already seems to be doing). I'm not even sure if the few cases where Chrome doesn't block them are intentional or just bugs/oversights. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/666#issuecomment-362028112
Received on Wednesday, 31 January 2018 18:40:03 UTC