After reading this thread, it seems to have reached a conclusion, and I see that there is one new issue opened related to displaying Mixed Content UI when something insecure if fetched or retrieved from the Cache API. https://github.com/w3c/webappsec/issues/412 I do not see any PRs to address this issue. Is this: 1) A consensus blocker? 2) Something that can be done entirely in Fetch, or does it require changes to MIX? 3) Acceptable as a Level 2 feature? -Brad On Thu, Jul 30, 2015 at 4:22 AM Mike West <mkwst@google.com> wrote: > I think this is the semantic we need for MIX. If you implement it in > Fetch, brilliant. If not, I think I'll need to implement it in MIX, which > is less brilliant, but fine. > > -mike > On Jul 30, 2015 12:41, "Anne van Kesteren" <annevk@annevk.nl> wrote: > >> On Thu, Jul 30, 2015 at 12:26 PM, Mike West <mkwst@google.com> wrote: >> > Still, examining the `window` and `client` property sees like a strange >> way >> > of asking "Is this a passthrough request?" One way of dealing with that >> > indirection is to bake it into Fetch. Another is to rewrite the >> algorithm in >> > MIX to make more sense. It sounds like you'd prefer the latter, Anne. >> >> I'm not sure, I haven't made up my mind. Indicating "passthrough" in >> some way might have value elsewhere too, though I can't immediately >> think of anything. It is a bit weird how this works out for MIX, but >> copying context over for three values where that has use seems wrong >> too. And we definitely need to keep client/window around for a whole >> bunch of things. >> >> >> -- >> https://annevankesteren.nl/ >> >
Received on Tuesday, 4 August 2015 23:51:35 UTC