Re: [whatwg/fetch] Proposal: Allow servers to take full responsibility for cross-origin access protection (#878) from Ruben Verborgh on 2019-03-08 (public-webapps-github@w3.org from March 2019)

From: Ruben Verborgh <notifications@github.com>
Date: Fri, 08 Mar 2019 09:08:08 -0800
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/issues/878/471002873@github.com>

The server needs to update. Just like browsers are not responsible for
server-side input sanitation against SQL injection, they are not
responsible for servers that explicitly take responsibility of cross-origin
request protection.


-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/878#issuecomment-471002873

Received on Friday, 8 March 2019 17:08:35 UTC