- From: Anne van Kesteren <notifications@github.com>
- Date: Fri, 15 Apr 2016 10:12:14 -0700
- To: slightlyoff/ServiceWorker <ServiceWorker@noreply.github.com>
Received on Friday, 15 April 2016 17:13:24 UTC
Yeah, once you allow script, all bets are off. This is basically turning `@font-face` (and all other fetchers) into `<iframe>` elements. This might be surprising to certain As, but it doesn't really change anything fundamentally. If A doesn't want this, it should not use third parties. Now that we've gone back and forth a bit on it though, I could imagine the media having a field day with this once they find out. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/slightlyoff/ServiceWorker/issues/878#issuecomment-210550561
Received on Friday, 15 April 2016 17:13:24 UTC