Re: [whatwg/fetch] Streaming upload and Timing-Allow-Origin (#1007) from npm1 on 2020-03-17 (public-webapps-github@w3.org from March 2020)

From: npm1 <notifications@github.com>
Date: Tue, 17 Mar 2020 12:41:16 -0700
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/issues/1007/600261397@github.com>

We have an issue regarding `nextHopProtocol`: https://github.com/w3c/resource-timing/issues/221. I don't think that right now it's gated under `Timing-Allow-Origin`, so I see no reason to gate on this here. It's not the correct header to use here, as TAO should affect measurement, not functionality. It would be better to consider whether other security primitives (CORP, COEP) are needed here. TAO is not.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/1007#issuecomment-600261397

Received on Tuesday, 17 March 2020 19:41:29 UTC