- From: Anne van Kesteren <notifications@github.com>
- Date: Tue, 11 Aug 2015 10:12:09 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
Received on Tuesday, 11 August 2015 17:14:16 UTC
The way I read the proposal is that you can pin the certificate for certain origins your origin might connect to. Basically putting additional requirements on cross-origin requests. Third-party script seems like a red herring. No different from a first-party script. An origin must not have the ability to change its own pins through script. --- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/98#issuecomment-129974388
Received on Tuesday, 11 August 2015 17:14:16 UTC