W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2013

Re: Security of cross-origin pushed resources

From: Jo Liss <joliss42@gmail.com>
Date: Fri, 20 Sep 2013 20:35:42 +0100
Message-ID: <CAN=xy38RNyLv1+TrU+TWiUvX=U6T7Ypc8LGKKoiV0Hy0bgrm6A@mail.gmail.com>
To: William Chan (陈智昌) <willchan@chromium.org>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
On Fri, Sep 20, 2013 at 8:26 PM, William Chan (陈智昌)
<willchan@chromium.org> wrote:
> I recall us discussing for HTTP/1.1 whether or not it's feasible for a
> client to reuse a TCP connection for the same destination IP address, even
> if it's for different origins. My understanding is mnot ran a quick test of
> the feasibility and showed that it works 99.X% of the time or something

Hm, it might work most of the time, but I imagine it would be unsafe
and browsers wouldn't actually do this. Or am I completely mistaken
here?

Jo

-- 
Jo Liss
http://www.solitr.com/blog/
Received on Friday, 20 September 2013 19:36:09 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:15 UTC