Re: [spec-reviews] Strawman spec review for upgrade insecure requests (#54) from Yan Zhu on 2015-04-24 (public-webapps-github@w3.org from April 2015)

From: Yan Zhu <notifications@github.com>
Date: Fri, 24 Apr 2015 12:26:55 -0700
To: w3ctag/spec-reviews <spec-reviews@noreply.github.com>
Message-ID: <w3ctag/spec-reviews/pull/54/r29078127@github.com>

> +
> +### COMMENT: +1 for Issue #184
> +
> +https://github.com/w3c/webappsec/issues/184 seems like a good thing for
> +improving the smoothness of the HTTP to HTTPS transition.
> +
> +### ISSUE: Need Example for Upgrade Insecure Navigations Set
> +
> +It would be nice to have an example of a CSP directive with an upgrade insecure
> +navigations set in the draft.
> +
> +### ISSUE: Upgrade All Navigations
> +
> +Is there a way to specify that all navigations should be upgraded? That seems
> +useful if a webmaster doesn't want to change their header every time they add
> +a link and are confident all their links will support HTTPS.

commented on the issue

---
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/spec-reviews/pull/54/files#r29078127

Received on Friday, 24 April 2015 19:27:22 UTC