- From: Joshua Bell <notifications@github.com>
- Date: Sun, 19 Feb 2017 09:46:15 -0800
- To: w3c/ServiceWorker <ServiceWorker@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Sunday, 19 February 2017 17:46:49 UTC
The XSS attacker can compute the hash of the resource hosted off-domain, so the hash gives no extra defense. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/ServiceWorker/issues/940#issuecomment-280935016
Received on Sunday, 19 February 2017 17:46:49 UTC