Re: [whatwg/fetch] Block subresource requests whose URLs include credentials. (#465) from Sunil Mayya on 2023-08-04 (public-webapps-github@w3.org from August 2023)

From: Sunil Mayya <notifications@github.com>
Date: Fri, 04 Aug 2023 07:51:55 -0700
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/pull/465/c1665739137@github.com>

Hello @annevk, do you see any problem here?
I am implementing the changes required for this in Gecko. 
I guess we need to update [these](https://wpt.fyi/results/fetch/security/redirect-to-url-with-credentials.https.html?label=master&label=experimental&aligned&q=redirect-to-url-with-credentials.https.html) tests as they contain sub-resource loads with credentials?
However, I would like to know if you have plans to merge this before I submit the updates for the tests. 

-- 
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/465#issuecomment-1665739137
You are receiving this because you are subscribed to this thread.

Message ID: <whatwg/fetch/pull/465/c1665739137@github.com>

Received on Friday, 4 August 2023 14:52:00 UTC