You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
HTTPS prevents DNS rebinding, which is the only reason we apply PNA checks to same-origin fetches.
If a fetch is made from a potentially-trustworthy origin to itself, then an attacker could only be attacking themselves. If an attacker obtains a certificate for the victim origin, then it's too late for us to do anything about it.
The text was updated successfully, but these errors were encountered:
HTTPS prevents DNS rebinding, which is the only reason we apply PNA checks to same-origin fetches.
If a fetch is made from a potentially-trustworthy origin to itself, then an attacker could only be attacking themselves. If an attacker obtains a certificate for the victim origin, then it's too late for us to do anything about it.
The text was updated successfully, but these errors were encountered: