- From: Anne van Kesteren <notifications@github.com>
- Date: Wed, 06 Nov 2019 00:53:36 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 6 November 2019 08:53:39 UTC
CORS doesn't have anything to do with same-origin redirects. The reason we don't expose them is because they can contain secrets: https://fetch.spec.whatwg.org/#atomic-http-redirect-handling. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/955#issuecomment-550209913
Received on Wednesday, 6 November 2019 08:53:39 UTC