On Mon, May 8, 2017 at 3:36 AM, Anne van Kesteren <[email protected]> wrote:
> A connection can become anonymous-request-tainted when you send an > anonymous request over it. If a connection is authenticated the client > won't send an anonymous request over it and instead open a new connection. > In at least the common case, cookies, there is just no need for this rule and it leads to most of the confusion we have. The connection can easily mix cookies and no-cookies. _______________________________________________ dev-tech-network mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-network
