Y
Hacker News
new
|
ask
|
show
|
jobs
by
h000per
2900 days ago
This should also help put an end to cross domain search timing attacks. An old example of one using the IMG tag:
https://www.idontplaydarts.com/2015/09/cross-domain-timing-a...
1 comments
tedunangst
2900 days ago
But chrome doesn't see the content type until after the response is served.
link
untog
2900 days ago
No, it sees the content type in the headers that are at the start of the response. Presumably if that header isn't correct it'll stop downloading any further data.
link
tedunangst
2900 days ago
After Lucene has spent some variable amount of time depending on how many documents match the query...
link