[Bug 15562] It's unfortunate that URLs in the manifest must have the same scheme as the manifest itself. This prohibits listing https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js in a manifest that may be served over either http or https and prohibits p from bugzilla@jessica.w3.org on 2012-02-07 (public-html-bugzilla@w3.org from February 2012)

From: <bugzilla@jessica.w3.org>
Date: Tue, 07 Feb 2012 07:02:20 +0000
To: public-html-bugzilla@w3.org
Message-Id: <E1Ruf4G-0003rm-OU@jessica.w3.org>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=15562

--- Comment #3 from Jeffrey Yasskin <jyasskin@gmail.com> 2012-02-07 07:02:18 UTC ---
You would update a manifest found in a data: url by refetching the whole
document that contained the data: url.

You'd bother with encrypting a library if the rest isn't encrypted so that you
can keep the same 'src' attribute for documents that could be accessed over
either http or https. Not everyone generates different HTML for serving over
SSL vs non-SSL.

But I just wanted to raise the issue. I won't reply further if you still
disagree.

-- 
Configure bugmail: https://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Tuesday, 7 February 2012 07:04:16 UTC