[Bug 27271] Normatively require https for all ancestor origins when requiring https at all from bugzilla@jessica.w3.org on 2014-11-11 (public-html-bugzilla@w3.org from November 2014)

From: <bugzilla@jessica.w3.org>
Date: Tue, 11 Nov 2014 10:00:31 +0000
To: public-html-bugzilla@w3.org
Message-ID: <bug-27271-2486-tHmUPdbF9Q@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=27271

--- Comment #7 from Henri Sivonen <hsivonen@hsivonen.fi> ---
(In reply to Ryan Sleevi from comment #2)
> Would it be possible / should we incorporate the language from
> https://w3c.github.io/webappsec/specs/mixedcontent/#may-document-use-
> powerful-features , which makes it clearer as to the algorithm necessary to
> process this?

I think it makes sense to reference that algorithm. It tries to do what I want.
I'm not 100% sure it currently does what I want, but if it doesn't, it seems
clear I should file a bug on that spec instead instead of proposing a different
algorithm here. (Specifically, it's unclear to me what step 3 does if the
branch in step 2 is not taken.)

-- 
You are receiving this mail because:
You are the QA Contact for the bug.

Received on Tuesday, 11 November 2014 10:00:32 UTC