- From: Anne van Kesteren <notifications@github.com>
- Date: Fri, 10 May 2019 09:08:14 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 10 May 2019 16:08:40 UTC
Since the cache attacks are not that involved it seems rather risky to not do origin-based as it would mean a compromise of any example.com domain could be used to attack sensitive.example.com. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/904#issuecomment-491343199
Received on Friday, 10 May 2019 16:08:40 UTC