- From: <bugzilla@jessica.w3.org>
- Date: Mon, 08 Nov 2010 14:20:48 +0000
- To: public-html-bugzilla@w3.org
http://www.w3.org/Bugs/Public/show_bug.cgi?id=11235 --- Comment #6 from Alexander Romanovich <alex@sirensclef.com> 2010-11-08 14:20:47 UTC --- A rel="anonymous" would probably fit the bill perfectly (restricting cookies, HTTP auth, SSL certs, referrer, and origin). (Though according to this source, the origin header should only sent with script requests of the 3 types of requests I originally mentioned: https://wiki.mozilla.org/Security/Origin) I'm in the CMS business, and I'm thinking here of all the content we generate (particularly image thumbnails for individual news stories, etc. which would not be appropriate to make into sprites). Our product typically drives pretty large web sites, and the ability to use this flag globally in page output would probably have a dramatic effect across the board. Removing credentials and extra headers from these requests is an improvement, and would become an asset for security as well. -- Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug.
Received on Monday, 8 November 2010 14:20:54 UTC