On Mon, Jan 19, 2015 at 8:27 PM, Mike West <mkwst@google.com> wrote: > I'd like to suggest that you rename the directive to >> "no-mixed-content". I think "checking" in the name doesn't aid in >> comprehension and is just noise. I also think "no" would be clearer >> than "strict" in conveying the effects to a web developer who hasn't >> read the spec. >> > > Sounds reasonable. > > Any objections? Going once... going twice... > While typing it, I realized that "no-mixed-content" could be interpreted as "No, we're not checking mixed content. Everything's wonderful with these insecure resources!" I've run with "block-all-mixed-content" instead: https://github.com/w3c/webappsec/commit/d9907898755234c3d3967e56227a9fd3ab480ef3. Hopefully that's unambiguous. -- Mike West <mkwst@google.com>, @mikewest Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth Flores (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)
Received on Tuesday, 20 January 2015 11:53:13 UTC