I'm obviously in full support. While y'all are at it, figuring out a way to do CORS-less cross-domain fetching with content access would be 

-
-
-
I have repeatedly asked
@mikewest and the WebAppSec group for such a CORS mode. It has not materialized thus far.
End of conversation
New conversation -
-
-
can we call them cakes this time, or brownies?
-
Biscuits?

End of conversation
New conversation -
-
-
This guy,
@mikewest, is so
.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Love this and think it's a good stepping stone tho in practice seems to me HttpOnly sessions are a dying art. Lotta devs think JS accessable JWTs are a session now. (It drives me nuts.)
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.