You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The current security considerations text implies that there are good defenses against cross-protocol attacks. QUIC isn't completely free from this style of attack. Some careful rewording might be needed.
The text was updated successfully, but these errors were encountered:
In looking into this text and the related specifications I decided that
it would be better to address the risk of request forgery in the
protocol specifications. Right now, they say nothing about this
problem, but they really should. I'm going to open an issue.
On the assumption that the protocol documents address this problem
adequately, then this document doesn't need to concern itself with the
problem. It is enough to remove any false claims and defer to the
protocol spec.
This contains a tweak to the adjacent text for the Origin field (w3c#368),
but it doesn't fix that issue.
Closesw3c#175.
The current security considerations text implies that there are good defenses against cross-protocol attacks. QUIC isn't completely free from this style of attack. Some careful rewording might be needed.
The text was updated successfully, but these errors were encountered: