- From: Anne van Kesteren <notifications@github.com>
- Date: Wed, 07 Aug 2019 02:54:50 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 7 August 2019 09:55:12 UTC
I think it makes sense to do this for anti-tracking purposes and Firefox will likely do this. This should be relatively straightforward to add once #904 is fixed. Note that the partitioning of the HTTP cache has another motivation, namely thwarting XSLeaks-style of attacks (except for those through popups, sites will need to use COOP to thwart those). Those seem slightly less applicable here, though perhaps timing attacks on connection setup are feasible? (There is also a connection exhaustion attack, due to there being a global limit.) -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/917#issuecomment-519028025
Received on Wednesday, 7 August 2019 09:55:12 UTC