[Bug 11235] Mechanism to disable sending of cookies with requests for style sheets, background images, fonts, WebSockets, server-sent events, <video src>, <source>, <track>, <iframe>, <img>, etc from bugzilla@jessica.w3.org on 2013-10-22 (public-html-bugzilla@w3.org from October 2013)

From: <bugzilla@jessica.w3.org>
Date: Tue, 22 Oct 2013 21:56:20 +0000
To: public-html-bugzilla@w3.org
Message-ID: <bug-11235-2486-ZbBm1EVLTd@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=11235

Ian 'Hixie' Hickson <ian@hixie.ch> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Support a rel attribute     |Mechanism to disable
                   |that restricts cookie       |sending of cookies with
                   |transmission                |requests for style sheets,
                   |                            |background images, fonts,
                   |                            |WebSockets, server-sent
                   |                            |events, <video src>,
                   |                            |<source>, <track>,
                   |                            |<iframe>, <img>, etc

--- Comment #22 from Ian 'Hixie' Hickson <ian@hixie.ch> ---
 It's not clear to me that HTML is the right place for a solution for this. For
instance, whatever solution we used you'd still want to be able to control
whether images or fonts in a style sheet had cookies or not, you'd still want
to be able to control what happened to resources imported by scripts (including
those without underlying DOM nodes, like Worker and EventSource objects), and
you'd want it to cover a whole raft of features even just within HTML, like
<video src>, <source>, <object>, <iframe>, etc.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.

Received on Tuesday, 22 October 2013 21:56:21 UTC