- From: ArthurSonzogni <notifications@github.com>
- Date: Mon, 09 Dec 2019 08:25:41 -0800
- To: w3c/ServiceWorker <ServiceWorker@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Monday, 9 December 2019 16:25:43 UTC
@annevk, If I fully understand what you said: From a document with ```Cross-Origin-Embedder-Policy: require-corp``` If a CORS request is made and the response contains:```Access-Control-Allow-Origin: *``` (for instance) Then the response is non-opaque and the document can access it. Even if the response do NOT have: ```Cross-Origin-Resource-Policy: cross-site``` Is it what you said? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/ServiceWorker/issues/1490#issuecomment-563317615
Received on Monday, 9 December 2019 16:25:43 UTC