- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Tue, 23 Oct 2012 17:16:47 -0400
- To: public-webappsec@w3.org
Oh, one more thing. This came up earlier in this thread: > For cross-origin CSS loads, browsers now require either that (1) the > style sheet has the proper MIME type or (2) the style sheet parses > without errors. In an ideal world, we'd require (1) all the time, > but adding (2) was necessary to make the change compatible with the > web. We can check with Chris, but my understanding is that every > browser does this now, including IE. Gecko does (1), period. See https://bugzilla.mozilla.org/show_bug.cgi?id=524223#c26 and in general the discussion in that bug for why. We have not had a single compatibility problem reported about this that I know of in the 2+ years since we started shipping that behavior. So I think we can in fact require (1) all the time if we want to. -Boris
Received on Tuesday, 23 October 2012 21:17:16 UTC