- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Thu, 28 Jan 2016 14:57:20 -0800
- To: Martin Thomson <martin.thomson@gmail.com>
- Cc: Mike West <mkwst@google.com>, WebAppSec WG <public-webappsec@w3.org>, Marijn Kruisselbrink <mek@google.com>
On Thu, Jan 28, 2016 at 2:44 PM, Martin Thomson <martin.thomson@gmail.com> wrote: > I suppose that responses retrieved via foreign fetch (as below) would > be marked cross-origin and would be opaque by default: > > event.respondWith(fetch(...)) Yes, every kind of response that you did not put through the Response.makeVisible() dance, whether same-origin, CORS, synthetic, or already opaque, would become opaque in the eyes of the caller (and potentially a network error therefore, depending on the caller's request settings). -- https://annevankesteren.nl/
Received on Thursday, 28 January 2016 22:57:45 UTC