- From: Anne van Kesteren <notifications@github.com>
- Date: Tue, 02 May 2017 10:50:45 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 2 May 2017 17:51:17 UTC
Ah yes, you're correct. I don't think we should change the last step, that would introduce security issues. I don't think the current setup has a security issue though. Yes, you can request a "no-cors" cross-origin URL and get a "basic" response back, but as far as I can tell that's all safe. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/535#issuecomment-298710258
Received on Tuesday, 2 May 2017 17:51:17 UTC