- From: Anne van Kesteren <notifications@github.com>
- Date: Tue, 03 Mar 2026 22:58:24 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 4 March 2026 06:58:28 UTC
annevk left a comment (whatwg/fetch#1838) Your point is that the we'd keep retrying through the attacker-controlled server? Perhaps that means `retryFromLastRedirectHop` should not be an option and instead be what we always do for this feature (or we don't allow redirects). Redirects in relation to this feature probably needs more evaluation as they are always a source of security bugs. -- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/1838#issuecomment-3995685030 You are receiving this because you are subscribed to this thread. Message ID: <whatwg/fetch/issues/1838/3995685030@github.com>
Received on Wednesday, 4 March 2026 06:58:28 UTC