Neil Van Dyke writes: > Christopher Lemmer Webber wrote on 09/01/2018 09:05 PM: > >> Waterken uses URI fragments to get around this in a secure way, since >> browsers do not transmit the URI fragment to the server: > > There's lots of ways that URL fragment identifiers can leak from a > browser, to untrustworthy parties, or to weaker storage, with all the > cloudy/snoopy 'services' going on. I've also seen fragment > identifiers in `Referer` fields of access logs.
Wow. That's definitely violating the spec, but I guess I'm not surprised. :( -- You received this message because you are subscribed to the Google Groups "Racket Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to racket-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
