- From: Erik Anderson <notifications@github.com>
- Date: Fri, 27 Jun 2025 09:57:39 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 27 June 2025 16:57:43 UTC
erik-anderson left a comment (whatwg/fetch#1838) One of the concerns with Service Worker background sync was that it may allow leaking information about different networks a given device is using over time. A site could presumably abuse this mechanism to achieve that as well. It could set up an endpoint that always terminates the connection after receiving the URL in such a way that it generates a fetch failure for the client. It could then observe the future retries, even if they were hours or days later. To mitigate that risk, should there be a cap on how long (wall clock time) a retry will be attempted? And/or should it only attempt a retry if it looks like it's still on the same network interface, proxy configuration, and/or other networking configuration? -- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/1838#issuecomment-3013757470 You are receiving this because you are subscribed to this thread. Message ID: <whatwg/fetch/issues/1838/3013757470@github.com>
Received on Friday, 27 June 2025 16:57:43 UTC