Anne van Kesteren
Anne van Kesteren
I agree that it's somewhat minor from an observability perspective, but I think it does end up changing the algorithm in some substantive ways. As in, we have to wait...
If we can agree on a limit I agree that would be good. cc @chihweitung
We would need some telemetry, but ideally we would fail in that case. Sites can specify `Content-Type: text/javascript` correctly if they need to fetch JavaScript that big. Otherwise we would...
I don't think it's possible to get a reliable answer from the JavaScript parser for partial input in a way that can be standardized without a ton effort, but perhaps...
Decoding is tracked by #7 and I think I have a solution that works. And yeah, those are the kind of problems I heard about when I asked others about...
Unless there's credible alternative to looking at the whole response, I suggest we mark this as something to look into in the future. It's not clear to me it has...
You could safelist them, but then indeed you cannot host sensitive information in such resources. At least not unless you put additional protection in place. cc @jyasskin (There's also the...
When I navigate to ``` ... Content-Type: text/javascript test ``` it renders as ``` test ``` in all browsers for me. If we changed step 6 as you suggest we...
Note that due to SharedArrayBuffer you're effectively required to use a thread per worker or else you'd violate ECMAScript's agent concept.
For validity the URL Standard follows https://tools.ietf.org/html/rfc3987 to encourage producers to make URLs that work in most places. I don't really know the rationale behind `|`.