- From: Ben Kelly <notifications@github.com>
- Date: Fri, 02 Jun 2017 12:38:04 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 2 June 2017 19:38:36 UTC
> I'm pretty sure we discussed this model at length with @jakearchibald et al. Ok, but having looked at the implementation I really dislike this decision. I think a safe invariant is "tainting only ever goes up and never goes down". In order to implement this I have to allow tainting to be downgraded. This increases the risks of future security bugs in gecko (and maybe other browsers). I'll implement this for compat, but I just want to note I'm doing it with objection. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/535#issuecomment-305890156
Received on Friday, 2 June 2017 19:38:36 UTC