Re: [fetch] Cache mode: security review (#39)

Have we made any progress on this one? 

FWIW, I agree with @mnot's assessment in https://github.com/slightlyoff/ServiceWorker/issues/585#issuecomment-71932631.

A slight tangent, but related to this issue: I hear a lot of requests from developers for being able to (a) observe if fetched resources came from HTTP cache, and (b) the size of the fetched resources. The primary use cases are typically for monitoring and enforcing data budgets, bandwidth-estimation, and diagnostics (e.g. detect resources that were, for whatever reason, delivered without compression; estimating and improving cache hit rates, etc).

To address the above both Nav and Resource Timing added `{transfer, encodedBody, decodedBody}size` (see [RT](http://w3c.github.io/resource-timing/#widl-PerformanceResourceTiming-transferSize)), but implementations are blocked on similar concerns as discussed here.

I'd love to come to a resolution on this.

---
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/39#issuecomment-140908410

Received on Wednesday, 16 September 2015 22:07:41 UTC