- From: Ian Hickson via cvs-syncmail <cvsmail@w3.org>
- Date: Thu, 09 Feb 2012 23:13:13 +0000
- To: public-html-commits@w3.org
Update of /sources/public/html5/spec In directory hutz:/tmp/cvs-serv4455 Modified Files: Overview.html Log Message: Loosen this requirement a bit to be more realistic. (whatwg r6985) Index: Overview.html =================================================================== RCS file: /sources/public/html5/spec/Overview.html,v retrieving revision 1.5578 retrieving revision 1.5579 diff -u -d -r1.5578 -r1.5579 --- Overview.html 9 Feb 2012 00:33:50 -0000 1.5578 +++ Overview.html 9 Feb 2012 23:13:08 -0000 1.5579 @@ -54306,8 +54306,9 @@ certain subdomains, content types, or schemes.</p> <p><strong>Leaking secure URLs.</strong> User agents should not send - HTTPS URLs to third-party sites registered as content handlers, in - the same way that user agents do not send <code title="http-referer">Referer</code> (sic) HTTP headers from secure + HTTPS URLs to third-party sites registered as content handlers + without the user's informed consent, for the same reason that user + agents sometimes avoid sending <code title="http-referer">Referer</code> (sic) HTTP headers from secure sites to third-party sites.</p> <p><strong>Leaking credentials.</strong> User agents must never send
Received on Thursday, 9 February 2012 23:13:15 UTC