[Bug 24905] New: [imports]: Fetches for imports should be anonymous only for cross origin requests from bugzilla@jessica.w3.org on 2014-03-04 (public-webapps@w3.org from January to March 2014)

From: <bugzilla@jessica.w3.org>
Date: Tue, 04 Mar 2014 01:11:21 +0000
To: public-webapps@w3.org
Message-ID: <bug-24905-2927@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=24905

            Bug ID: 24905
           Summary: [imports]: Fetches for imports should be anonymous
                    only for cross origin requests
           Product: WebAppsWG
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Component Model
          Assignee: dglazkov@chromium.org
          Reporter: morrita@google.com
        QA Contact: public-webapps-bugzilla@w3.org
                CC: mike@w3.org, public-webapps@w3.org
            Blocks: 20683

Currently the fetch is always done in "anonymous" mode, 
but it could send credentials for same domain imports.

Also, the spec is confusingly uses fetch algorithm with legacy HTML parameters.
It could be simplified using the fetch standard directly.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Received on Tuesday, 4 March 2014 01:11:26 UTC