Hi Jeremy, On Thu, Nov 16, 2023 at 12:33 AM Jeremy Roman <jbro...@chromium.org> wrote:
> (3) Currently developers can only specify speculation rules using inline > script tags. The proposed feature provides an alternative through the > "Speculation-Rules" header. Its value must be a URL to a text resource with > "application/speculationrules+json" MIME type. The resource's rules will be > added to the document's rule set. > Is the URL from the speculation rules header restricted to same-origin resources? The examples seem to assume so; but I couldn't find any definite statement. The header parsing code reads to me like it would allow arbitrary URLs (cross-origin; or mixed http/https). Is this the intent? -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CALG6KPOmdn2FiQKjHfCahooU_sARXz_gwGdw8-X8LQ%2B2%2BMFzhg%40mail.gmail.com.
