- From: Ryan Pellette <ryan@catchpoint.com>
- Date: Tue, 6 Jan 2015 19:06:50 +0000
- To: "public-web-perf@w3.org" <public-web-perf@w3.org>
Received on Wednesday, 7 January 2015 10:07:48 UTC
Steve, thanks for posting about this issue and leading the charge to change to the specification. I completely agree - it is a big limitation. The networkDuration is a great addition, but how about getting this further and removing the Timing-Allow-Origin header requirement? The data the API provides does not contain any private data about the end user or the URL, or the interaction between the two, so what is it really protecting?
Received on Wednesday, 7 January 2015 10:07:48 UTC