- From: Mike West <notifications@github.com>
- Date: Mon, 04 Apr 2016 02:57:38 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
Received on Monday, 4 April 2016 09:58:05 UTC
Is there a use-case driving this request? As-is, it seems like passing information between sites can be pretty cleanly done with GET parameters or POSTed bodies. Adding cookies in could certainly cause issues, and I'm not sure it's a good idea to give `evil.com` control over cookies in requests to `bank.com` (session-fixation to the site, it's attack surface that hasn't yet been exposed cross-origin). If there's something interesting driving the request, then let's chat about it. If not, I'd prefer to leave well-enough alone. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/268#issuecomment-205222686
Received on Monday, 4 April 2016 09:58:05 UTC