ietf-wg-gnap / gnap-core-protocol


Security Consideration: SSRF attacks #363

Closed jricher closed 2 years ago

jricher commented 2 years ago

If the client instance can cause the AS to fetch a URL, especially if that URL is dynamic, this can be used as a means to make the AS call URLs within its own protected domain and cause errors. Will need to be addressed in a new security considerations paragraph.
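One way an AS could vet a client-supplied URL before fetching it, as an added example that is not part of the issue or the GNAP specification. The function names, the sample hostnames and addresses, and the policy itself (https only, every resolved address must be public) are assumptions made for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

def system_resolve(host, port):
    """Default resolver: every address the OS returns for host."""
    infos = socket.getaddrinfo(host, port, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})

def vet_fetch_url(url, resolve=system_resolve):
    """Return (host, port, ips) if the AS may fetch url, else raise ValueError."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise ValueError("only https URLs are fetched")
    if parts.username is not None or parts.password is not None:
        raise ValueError("userinfo in URL is not allowed")
    host = parts.hostname
    if not host:
        raise ValueError("URL has no host")
    port = parts.port or 443
    try:
        candidates = [ipaddress.ip_address(host)]  # IP literal, no DNS lookup
    except ValueError:
        candidates = [ipaddress.ip_address(a) for a in resolve(host, port)]
    if not candidates:
        raise ValueError("host did not resolve")
    for addr in candidates:
        # Unwrap ::ffff:a.b.c.d so the embedded IPv4 address is what gets judged.
        addr = getattr(addr, "ipv4_mapped", None) or addr
        if not addr.is_global:  # loopback, RFC 1918, link-local, ...
            raise ValueError(f"{host} maps to non-public address {addr}")
    return host, port, [str(a) for a in candidates]

def may_fetch(url, resolve=system_resolve):
    """Boolean wrapper around vet_fetch_url."""
    try:
        vet_fetch_url(url, resolve)
        return True
    except ValueError:
        return False

# Constructed DNS answers so the example runs offline (hypothetical names).
SAMPLE_DNS = {
    "client.example": ["93.184.216.34"],
    "mixed.example": ["93.184.216.34", "10.0.0.5"],
    "meta.example": ["169.254.169.254"],
}

def sample_resolve(host, port):
    return SAMPLE_DNS.get(host, [])
```

The fetch should then connect to one of the returned addresses rather than resolving the name a second time, and any redirect target needs to pass the same check before it is followed.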