Re: [fetch] Access to the HTTP trailer (#34)

While Martin phrased it as "actually compelling", I would like to put out the other argument - experience is that there are profound security implications regarding how you operate on data and if and whether transformative operations are allowed to be sent in trailers that cause the content to be reinterpreted.

For example, a big concern I spelled out in https://github.com/domenic/cancelable-promise/issues/4 was precisely regarding header truncation, which trailers offer (both implicitly - through poor implementations - and explicitly - via cancelable promises). I have little faith that trailers have received proper security analysis, especially given the past two decades of security research, with my gut (and my bias) being that they represent yet another attack vector for folks like @sirdarckcat in browsers being too clever for their own good.

If there were demonstrably compelling reasons, then I'd hope it was first explored outside the context of any programmatic API, so that proper security review and experience with it could be accomplished. But I'm really not keen to even see this implemented in the browser - the gain vs risk is too disproportionally balanced in the latter.

---
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/34#issuecomment-118927355

Received on Monday, 6 July 2015 17:10:53 UTC