This is a massive change for cache in webapp templates as it makes their rendering more stable and thus more cacheable.

A key component here is that we are trusting the user's browser to not be tampered with, as it is the browser that sets the Sec-Fetch-Site header and guarantees it has not been tampered with.

I wonder if that's a new thing ? Do we already rely on browsers being correct in their implementation for something equally fundamental ?

▲

nchmy 2 hours ago | parent | next [-]

It's a shame you talked about browser tampering, since better caching is indeed a benefit of fetch metadata headers.

▲

tptacek 3 hours ago | parent | prev [-]

The entire web security model assumes we can trust browsers to implement web security policies!

▲

louiskottmann 2 hours ago | parent [-]

I appreciate that, but in the case of TLS or CSRF tokens the server is not blindly trusting the browser in the way Sec-Fetch-Site makes it.

▲

tptacek 2 hours ago | parent [-]

Sure it is. The same-origin rule that holds the whole web security model together is entirely a property of browser behavior.

	▲	louiskottmann 2 hours ago \| parent [-]
		That's indeed a good example of prior full trusting of the browser by the server.