Remove the mention of Foreign Fetch from the SW Security FAQ.

Foreign Fetch is being removed from the Service Worker spec.
(w3c/ServiceWorker#1188 (comment))

TBR=rsesek

Bug: None
Change-Id: If84db57f7d62d065e389f97bbc100ae5d5e6f84b
Reviewed-on: https://chromium-review.googlesource.com/669740
Reviewed-by: Chris Palmer <[email protected]>
Commit-Queue: Chris Palmer <[email protected]>
Cr-Commit-Position: refs/heads/master@{#502510}

Author: Chris Palmer

docs/security/service-worker-security-faq.md

@@ -148,11 +148,6 @@ If the person is currently browsing attacker.com, then the attacker doesn't gain
 any additional attack benefit from a Service Worker. They can just `<script
 src="maybe-v8-payload.js">` as usual, from the in-page JavaScript.
 
-**However**, if/when [Foreign
-Fetch](https://github.com/w3c/ServiceWorker/blob/master/foreign_fetch_explainer.md)
-ships, the situation will change if people browse sites that fetch resources
-from the attacker's server.
-
 ## If a site has an XSS vulnerability, can the attacker permanently compromise that origin for me?
 
 An XSS attacker can indeed register an evil SW. As before SWs, XSS is a very