Re: [fetch] Treat Last-Event-ID and Client-Hints headers as simple headers (#258) from Ilya Grigorik on 2016-03-22 (public-webapps-github@w3.org from March 2016)

From: Ilya Grigorik <notifications@github.com>
Date: Tue, 22 Mar 2016 11:27:45 -0700
To: whatwg/fetch <fetch@noreply.github.com>
Message-ID: <whatwg/fetch/pull/258/c199951685@github.com>

> Where did this get security review?

For Client Hints, we went through a privacy and security review as [part of our intent to ship](https://groups.google.com/a/chromium.org/d/msg/blink-dev/ATbqmznya_k/ze5wpG8rAQAJ); same for [Save-Data](https://groups.google.com/a/chromium.org/d/msg/blink-dev/-_pEwnE_e_Y/zx5KFs3VBAAJ).

> Note that in whatwg/html#689 we might change the value space of Last-Event-ID.

Ah, that makes sense. I'm happy to drop Last-Event-ID from this pull until that's resolved.

> According to dev.platform the Client-Hints headers are still controversial. Are there any user agents other than Chromium shipping these?

Chrome and Opera supports Width, Viewport-Width, DPR, Save-Data. Yandex is [shipping Save-Data](https://developers.google.com/web/updates/2016/02/save-data). Edge has it [listed as under consideration](https://dev.windows.com/en-us/microsoft-edge/platform/status/httpclienthints).


---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/258#issuecomment-199951685

Received on Tuesday, 22 March 2016 18:28:12 UTC