- From: Ruben Verborgh <notifications@github.com>
- Date: Tue, 19 Feb 2019 00:40:57 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 19 February 2019 08:41:19 UTC
Thanks @yoavweiss and @mnot, my colleague @pietercolpaert and I are writing a motivation. Many servers are currently using `Access-Control-Allow-Origin: *` as a `disable-cors-i-know-this-is-really-dangerous-for-my-site`, without really understanding a) that this is not what it means b) what is actually happening. Part of the argument is that such obscurity is actually worse then giving them control. We plan to provide an update soon. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/865#issuecomment-465039473
Received on Tuesday, 19 February 2019 08:41:19 UTC