Re: [ServiceWorker] Update service worker with a response object (#819) from Jake Archibald on 2016-01-20 (public-webapps-github@w3.org from January 2016)

From: Jake Archibald <notifications@github.com>
Date: Wed, 20 Jan 2016 00:57:24 -0800
To: slightlyoff/ServiceWorker <ServiceWorker@noreply.github.com>
Message-ID: <slightlyoff/ServiceWorker/issues/819/173133677@github.com>

I don't think we want to allow this, as it would turn a small XSS into a pretty serious thing.

Same reason we don't allow data or blob URLs. 

---
Reply to this email directly or view it on GitHub:
https://github.com/slightlyoff/ServiceWorker/issues/819#issuecomment-173133677

Received on Wednesday, 20 January 2016 08:57:51 UTC