jub0bs
jub0bs
https://fetch.spec.whatwg.org/commit-snapshots/9bb2ded94073377ec5d9b5e3cda391df6c769a0a/#responses > This is used to ensure to prevent a partial response [...] Either "to ensure" or "to prevent" should be dropped.
https://fetch.spec.whatwg.org/commit-snapshots/9bb2ded94073377ec5d9b5e3cda391df6c769a0a/#simple-header > unprivilaged API should be > unprivileged API
Because `MaxAge.Seconds` has type `uint64`, its value cannot be negative.
The section entitled _Same Site Cookies_ (p.130) conflates the concepts of _origin_ and _site_: > The browser will only send _SameSite_ cookies in the scope of a given origin A...
I'm trying to navigate down a JavaScript-heavy page. Is there any way to focus on a given page element (e.g. to force an infinite scroll to kick in)?
I've just published a [blog post](https://jub0bs.com/posts/2022-09-11-existence-oracle-for-secure-cookies-on-insecure-web-origins/) about a technique that allows an active network attacker to observe, from an insecure Web origin, the presence or absence of some Secure cookie...
While completing the test suite of [my CORS middleware library](https://pkg.go.dev/github.com/jub0bs/fcors), I ran into an interesting case. The [section entitled _CORS protocol and HTTP caches_](https://fetch.spec.whatwg.org/#cors-protocol-and-http-caches) says the following: > [...] if...
## TL;DR [Section 3.2.3](https://fetch.spec.whatwg.org/#http-responses) contains the following passage: > A successful HTTP response, i.e., one where the server developer intends to share it, to a CORS request can use any...
### Issue Description Echo's CORS middleware misclassifies all `OPTIONS` requests as preflight requests, thereby unduly preventing requests from hitting user-registered `OPTIONS` endpoints. I've previously discussed the general problem on [my...
## What type of PR is this? (check all applicable) - [ ] Refactor - [x] Feature - [ ] Bug Fix - [ ] Optimization - [ ] Documentation...