- From: Anne van Kesteren <notifications@github.com>
- Date: Tue, 29 May 2018 03:00:06 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 29 May 2018 10:00:35 UTC
FYI: the PR is pretty close to done. One final thing I'd like us to consider is whether we should add port restrictions to same site, as originally proposed by @jeisigner for a number of features (none for which it's been done thus far, mind). The idea would be that request and response are only same site if either: * Both their ports are the https://url.spec.whatwg.org/#default-port (this would allow 80 requesting 443 for ease of HTTPS migration). * Neither of their ports are the default port. (I guess this puts a mild dependency on the scheme too.) -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/687#issuecomment-392722063
Received on Tuesday, 29 May 2018 10:00:35 UTC