- From: Marijn Kruisselbrink <notifications@github.com>
- Date: Mon, 16 May 2016 10:13:15 -0700
- To: slightlyoff/ServiceWorker <ServiceWorker@noreply.github.com>
- Cc:
Received on Monday, 16 May 2016 17:13:42 UTC
Currently the way foreign fetch is specified, a foreign fetch handler always has access to the requests origin. When a requests referrer policy is `no-referrer` this should probably not be allowed though. Not sure what the best thing to do here would be though: 1. Change `ForeignFetchEvent.origin` to return `"null"` if the referrer policy is `no-referrer`. Which would effectively mean foreign fetch could only reply with opaque responses to these requests (which again means it can only reply to no-cors requests). Or maybe just 2. Don't allow foreign fetch to intercept no-referrer requests at all. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/slightlyoff/ServiceWorker/issues/899
Received on Monday, 16 May 2016 17:13:42 UTC