- From: Anne van Kesteren <notifications@github.com>
- Date: Thu, 31 Jan 2019 00:01:22 -0800
- To: w3c/webcomponents <webcomponents@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 31 January 2019 08:01:43 UTC
The reason is that the processing model is vastly different. So directly navigating to the page might lead to some exploit. E.g., elsewhere there was an argument that CSP would not need to apply. So if servers don't send CSP headers for these resources, problem... Etc. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/webcomponents/issues/742#issuecomment-459251553
Received on Thursday, 31 January 2019 08:01:43 UTC