- From: Anne van Kesteren <notifications@github.com>
- Date: Fri, 04 May 2018 07:02:48 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 4 May 2018 14:04:50 UTC
That's tracked in https://github.com/whatwg/html/issues/125 as well (though no security discussion there). But it seems to me that if you don't get `onload` and it therefore fails equivalently to TLS/DNS/CORS errors there isn't much revealed, unless you somehow already knew it to exist, but then why wouldn't you know about `From-Origin` either? Some Mozillians briefly discussed the code that landed in WebKit by the way and modulo the feedback above we're supportive of adding that to Firefox. I can work out a more concrete proposal in the form of a PR next week I think. Is anyone willing to write web-platform-tests? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/687#issuecomment-386611174
Received on Friday, 4 May 2018 14:04:50 UTC