Commit cc72fae4 authored by Lukasz Anforowicz's avatar Lukasz Anforowicz Committed by Commit Bot

Add references to From-Origin and Isolate-Me as potential opt-in mechanisms

Bug: 806996
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo
Change-Id: I5ffa57b0a4231917e3d3a227cb986c8f5a5f3827
Reviewed-on: https://chromium-review.googlesource.com/996313Reviewed-by: default avatarNick Carter <nick@chromium.org>
Reviewed-by: default avatarCharlie Reis <creis@chromium.org>
Commit-Queue: Charlie Reis <creis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#548205}
parent 236ec811
...@@ -682,8 +682,9 @@ In the future CORB may be extended to protect additional resources as follows: ...@@ -682,8 +682,9 @@ In the future CORB may be extended to protect additional resources as follows:
This would make it possible to CORB-protect resources like This would make it possible to CORB-protect resources like
images or JavaScript (including JSONP). images or JavaScript (including JSONP).
> [lukasza@chromium.org] TODO: Is there an existing HTTP response header > [lukasza@chromium.org] Currently considered CORB opt-in signals include:
> that may be used in this context? > - `From-Origin:` header - https://github.com/whatwg/fetch/issues/687
> - `Isolate-Me` header - https://github.com/WICG/isolation
## Appendix: Early attempt to codify CORB algorithm ## Appendix: Early attempt to codify CORB algorithm
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment