[Bug 12668] New: UA's *should* send HTTPS URLs to (secure) third-party sites registered as content handlers, as UAs *do* send Referer HTTP headers from secure sites to third-party sites, given that the third-party site is also secure.

http://www.w3.org/Bugs/Public/show_bug.cgi?id=12668

           Summary: UA's *should* send HTTPS URLs to (secure) third-party
                    sites registered as content handlers, as UAs *do* send
                    Referer HTTP headers from secure sites to third-party
                    sites, given that the third-party site is also secure.
           Product: HTML WG
           Version: unspecified
          Platform: Other
               URL: http://www.whatwg.org/specs/web-apps/current-work/#sec
                    urity-and-privacy
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P3
         Component: HTML5 spec (editor: Ian Hickson)
        AssignedTo: ian@hixie.ch
        ReportedBy: contributor@whatwg.org
         QAContact: public-html-bugzilla@w3.org
                CC: mike@w3.org, public-html-wg-issue-tracking@w3.org,
                    public-html@w3.org


Specification: http://www.whatwg.org/specs/web-apps/current-work/
Section:
http://www.whatwg.org/specs/web-apps/current-work/#security-and-privacy

Comment:
UA's *should* send HTTPS URLs to (secure) third-party sites registered as
content handlers, as UAs *do* send Referer HTTP headers from secure sites to
third-party sites, given that the third-party site is also secure.

Posted from: 98.235.63.240
User agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like
Gecko) Chrome/11.0.696.68 Safari/534.24

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Tuesday, 17 May 2011 14:49:16 UTC