W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2012

Re: ISSUE-38: Discuss no-mixed-content further as a 1.1 experimental directive

From: Adam Barth <w3c@adambarth.com>
Date: Fri, 2 Nov 2012 13:22:30 -0700
Message-ID: <CAJE5ia_GgNHDBPMuHkZoYhxmcxFPgfdq3npz+koLNedFJA6Qmw@mail.gmail.com>
To: Ian Melven <imelven@mozilla.com>
Cc: Web Application Security Working Group <public-webappsec@w3.org>
I'm not sure how useful this directive is now that many user agents
are blocking mixed scripting by default.

Adam


On Fri, Nov 2, 2012 at 11:30 AM, Ian Melven <imelven@mozilla.com> wrote:
>
> is this mostly a shortcut for specifying 'https:' for all source directives ?
>
> thanks
> ian
>
>
> ----- Original Message -----
> From: "Web Application Security Working Group Issue Tracker" <sysbot+tracker@w3.org>
> To: public-webappsec@w3.org
> Sent: Friday, November 2, 2012 2:58:02 AM
> Subject: ISSUE-38: Discuss no-mixed-content further as a 1.1 experimental directive
>
> ISSUE-38: Discuss no-mixed-content further as a 1.1 experimental directive
>
> http://www.w3.org/2011/webappsec/track/issues/38
>
> Raised by:
> On product:
>
>
>
>
>
>
Received on Friday, 2 November 2012 20:23:29 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 2 November 2012 20:23:30 GMT