- From: Ben Kelly <notifications@github.com>
- Date: Fri, 11 Mar 2016 12:10:30 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
Received on Friday, 11 March 2016 20:10:59 UTC
Recently I saw a website in the wild attempting to do this:
```
var request(newURL, {
referrer: oldRequest.referrer,
// copy other attributes as well
});
```
This will work just fine during development on localhost, because .referrer will most likely always be same-origin. When the site is posted on twitter, for example, it will be visited through a t.co redirector. This results in a t.co referrer which is cross-origin.
So the site that worked fine in local development will blow up when its published to twitter. This seems like a bit of a footgun.
We could make new Request() silently ignore the value if its invalid instead of throwing. This is somewhat similar to using bad header values. They just get ignored.
---
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/245
Received on Friday, 11 March 2016 20:10:59 UTC