Contact emailsSpecificationSummaryEnforce the CORS policy specified in <link rel="icon"> labels.
Currently chrome always use no-cors mode when fetching favicons even if cross-origin attribute is specified. The browser shall follow the cross-origin attribute.Blink>SecurityFeature>CORSDebuggabilityIf a favicon fetch fails with a CORS error, it will be reported on the developer tools.
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/d0e9454f-62c1-4c43-a1e1-2b39743062bbn%40chromium.org.
Hey Jiacheng!What are other browsers doing on that front?While I agree that this is not strictly web exposed (and hence doesn't really fit the "intent to ship" mould), this is something developers need to be aware of.On Thu, Sep 22, 2022 at 5:43 PM Jiacheng Guo <g...@chromium.org> wrote:Contact emailsSpecificationSummaryEnforce the CORS policy specified in <link rel="icon"> labels.
Currently chrome always use no-cors mode when fetching favicons even if cross-origin attribute is specified. The browser shall follow the cross-origin attribute.Blink>SecurityFeature>CORSDebuggabilityIf a favicon fetch fails with a CORS error, it will be reported on the developer tools.Can you also report such failures as Deprecation Reports?
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscribe@chromium.org.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.