Re: [whatwg/fetch] Consider shifting the "bad port list" to an allowlist. (#1189) from Matt Menke on 2021-03-09 (public-webapps-github@w3.org from March 2021)

From: Matt Menke <notifications@github.com>
Date: Tue, 09 Mar 2021 06:32:30 -0800
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/issues/1189/793974436@github.com>

Quick clarification:  That's not a malicious proxy, but a malicious PAC script.  There doesn't need to be any actual proxy in that scenario, the browser just needs to think it's using a proxy.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/1189#issuecomment-793974436

Received on Tuesday, 9 March 2021 14:32:42 UTC