- From: David Barratt <notifications@github.com>
- Date: Wed, 15 Aug 2018 05:44:53 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 15 August 2018 12:45:15 UTC
@annevk so instead of making the less than 1% of sites that that applies to opt-in to a _restriction_ we'd rather the 99%+ of sites out-in to the request being _allowed_? Asking that number of sites to opt-in creates a potential security vulnerability if they use `*` with credentials? On top of that, it cripples web apps from being able to access publicly available resources without _asking_ for permission to do so. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/787#issuecomment-413186342
Received on Wednesday, 15 August 2018 12:45:15 UTC