Re: [w3c/webcomponents] HTML, CSS, and JSON modules shouldn't solely rely on MIME type to change parsing behavior (#839) from Gus Caplan on 2019-11-08 (public-webapps-github@w3.org from November 2019)

From: Gus Caplan <notifications@github.com>
Date: Fri, 08 Nov 2019 09:48:36 -0800
To: w3c/webcomponents <webcomponents@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/webcomponents/issues/839/551925426@github.com>

doesn't failing open just leave people who forget these checks exposed? it only takes one slipup, and a malicious script could exfiltrate user data, exploit jit bugs, etc.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webcomponents/issues/839#issuecomment-551925426

Received on Friday, 8 November 2019 17:48:47 UTC