- From: Tomoyuki Shimizu <notifications@github.com>
- Date: Wed, 18 Oct 2017 07:42:14 +0000 (UTC)
- To: httpslocal/usecases <usecases@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <httpslocal/usecases/pull/12/review/70119955@github.com>
tomoyukilabs commented on this pull request. > @@ -8,6 +8,18 @@ For details and further discussion, please refer to [the corresponding issue in GitHub](https://github.com/httpslocal/usecases/issues/7). Any proposals for addition, clarification and improvement are absolutely welcome. +## Security Infrastructure + +- W3C Web Application Security WG + - [Secure Contexts](https://w3c.github.io/webappsec-secure-contexts/): + defines “secure contexts”, which user agent implementers and specification authors + to allow minimum features of which authentication and confidentiality are met. + - [Mixed Context](https://w3c.github.io/webappsec-mixed-content/): + describes how a user agent should handle fetching of content over unencrypted or + unauthenticated connections in the context of an encrypted and authenticated document. + - [Cross-Origin Resource Sharing](https://www.w3.org/TR/cors/) (CORS): Good catch! At the moment I made this PR, I was still wondering whether W3C CORS spec or WHATWG Fetch Standard should be referred, since Fetch Standard [still refers to W3C CORS spec](https://fetch.spec.whatwg.org/#biblio-cors). I've read Fetch Standard again and understand that Fetch Standard states that it is [unifying fetching algorithms and specifications](https://fetch.spec.whatwg.org/#goals). So, I've decided to update the reference soon. Thanks a lot for your suggestion! -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpslocal/usecases/pull/12#discussion_r145336975
Received on Wednesday, 18 October 2017 07:42:56 UTC