- From: Anne van Kesteren <notifications@github.com>
- Date: Fri, 14 Oct 2022 01:17:07 -0700
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 14 October 2022 08:17:19 UTC
To be clear, while I said CORS strictly speaking wasn't needed, creating an exception does necessitate a bunch of work, including probably creating a new mode to fetch these resources as well as ensuring requests for these resources do not go beyond what we allow CORS fetches to do. And then accepting the ongoing maintenance cost of that. It's a lot simpler to stick with the CORS sandbox so I tend to agree with the TAG we should just do CORS here. There might also be problems with service workers. To get the same kind of isolation as `iframe` has the server serving the model would also have to run the service worker, which strikes me as not the kind of thing a web developer would expect. They would expect 3D models to be similar to images or style sheets. -- Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/775#issuecomment-1278654953 You are receiving this because you are subscribed to this thread. Message ID: <w3ctag/design-reviews/issues/775/1278654953@github.com>
Received on Friday, 14 October 2022 08:17:19 UTC