- From: Anne van Kesteren <notifications@github.com>
- Date: Thu, 17 Sep 2015 07:42:42 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
Received on Thursday, 17 September 2015 14:43:09 UTC
So what I think we should do is that HTML just treats any tainted response as same-origin (that is what happens today and makes sense) and that Fetch blocks opaque responses from the service worker (so that you can't exploit it). --- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/126#issuecomment-141108327
Received on Thursday, 17 September 2015 14:43:09 UTC