- From: Noam Rosenthal <notifications@github.com>
- Date: Fri, 11 Mar 2022 05:07:31 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 11 March 2022 13:07:43 UTC
> Right, for style sheets and scripts the main concern I have is around fetching logic (do all the bits and in particular `Referer` end up being set correctly). For `fetch()` (and also `<img>`) the concern is more about application security. In that there are now side effects where previously there were none. Though that's less specific to the recursive aspect, isn't it? An image with a link header would have a side-effect regardless of it being recursive. Perhaps resources should only be allowed to trigger preloads to the kinds of resources it might end up fetching? (maybe this means that only styles & scripts can have preload headers) -- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/1409#issuecomment-1065097126 You are receiving this because you are subscribed to this thread. Message ID: <whatwg/fetch/pull/1409/c1065097126@github.com>
Received on Friday, 11 March 2022 13:07:43 UTC