- From: Coralie Mercier <coralie@w3.org>
- Date: Mon, 07 Mar 2016 11:58:11 +0100
- To: site-comments@w3.org, "Franklin Tse" <franklinwhale@hotmail.com>
On Mon, 07 Mar 2016 09:31:42 +0100, Franklin Tse <franklinwhale@hotmail.com> wrote: > Hello, > > w3.org can now be viewed in HTTPS and there is a Content Security Policy > asking browsers to upgrade insecure requests across the site. I note that > "Upgrade Insecure Requests" is currently a W3C Candidate Recommendation > and some browsers have implemented it. However, that means some browsers > have not implemented the directive, and as a result users of those > browsers encounter broken pages, especially for those who have strict > mixed content checking enabled. > > Enabling HTTPS is good, and "Upgrade Insecure Requests" appears to > provide > an easier way for website administrators to enable HTTPS. I agree that > there is a need to promote and experience it, but I think there has to be > a balance between using cutting-edge technology and maintaining a > reasonably wide range of viewers. > > One of the primary objectives to come to w3.org is for accessing the W3C > specifications. W3C should update the paths of stylesheets and images on > W3C specifications and notes to relative links, so that browsers that do > not support Upgrade Insecure Requests can load W3C specifications > properly. > > Regards, > Franklin Tse Dear Franklin Thank you for your message, that I will relay internally. Best regards, Coralie -- Coralie Mercier - W3C Marketing & Communications - http://www.w3.org mailto:coralie@w3.org +336 4322 0001 http://www.w3.org/People/CMercier/
Received on Monday, 7 March 2016 10:58:19 UTC