- From: Anne van Kesteren <notifications@github.com>
- Date: Mon, 22 Feb 2021 10:20:56 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Monday, 22 February 2021 18:21:08 UTC
What I linked also points to https://fetch.spec.whatwg.org/#atomic-http-redirect-handling which is also discussed earlier in the thread. Basically, the value of a `Location` header can about as sensitive as an HttpOnly cookie. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/601#issuecomment-783573576
Received on Monday, 22 February 2021 18:21:08 UTC