- From: Jake Archibald <notifications@github.com>
- Date: Tue, 08 May 2018 06:45:55 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 8 May 2018 13:46:17 UTC
I think the safelist approach is the way forward. That way, new APIs that wanted to use `no-cors` requests would need to make a change to the fetch spec. Through review, we could make sure those responses are distinguishable from content that's likely to contain user data (or encourage them to use CORS instead). -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/721#issuecomment-387407435
Received on Tuesday, 8 May 2018 13:46:17 UTC