Re: [whatwg/fetch] Block subresource requests whose URLs include credentials. (#465) from Mike West on 2017-02-09 (public-webapps-github@w3.org from February 2017)

From: Mike West <notifications@github.com>
Date: Thu, 09 Feb 2017 03:01:46 -0800
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/pull/465/c278610917@github.com>

FYI: I'm pretty sure Edge (and IE) already implement this. See https://groups.google.com/a/chromium.org/d/msg/blink-dev/lx-U_JR2BF0/dxXzIYjwBwAJ and https://support.microsoft.com/en-us/help/834489/internet-explorer-does-not-support-user-names-and-passwords-in-web-site-addresses-http-or-https-urls. @travisleithead can, I'm sure, confirm that.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/465#issuecomment-278610917

Received on Thursday, 9 February 2017 11:02:18 UTC