- From: Ben Kelly <notifications@github.com>
- Date: Thu, 26 Apr 2018 13:34:58 +0000 (UTC)
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 26 April 2018 13:35:26 UTC
Its unfortunate, though, if I have to allow my service worker script to hit any cross-origin resource when I know my site only makes cross-origin requests for a particular destination type. It basically means you can't use CSP to lock down your SW script if you have any cross-origin resources you need to handle with respondWith(). -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/717#issuecomment-384642812
Received on Thursday, 26 April 2018 13:35:26 UTC