Re: [SRI] Requiring CORS for SRI

On Thu, May 7, 2015 at 12:05 PM, Wendy Seltzer <> wrote:
> Can't we do the fetch without authentication?

You already do that, that's what crossorigin=anonymous does. Firewalls
are the problem, as I said so many times now... I recommend that
everyone that does not realize that CORS is required here takes a
crash course in web security. Here's a start:


Received on Thursday, 7 May 2015 10:12:06 UTC