[whatwg/fetch] Set the HTTPS state to 'modern' for more things (#290) from Jonathan Watt on 2016-04-26 (public-webapps-github@w3.org from April 2016)

From: Jonathan Watt <notifications@github.com>
Date: Mon, 25 Apr 2016 17:28:48 -0700
To: whatwg/fetch <fetch@noreply.github.com>
Cc:
Message-ID: <whatwg/fetch/issues/290@github.com>

The Fetch spec doesn't mention wss, which presumably should have an HTTPS state of "modern" in general.

More widely though, we should consider whether much of the items where we special case Secure Context would actually be better as a special casing of HTTPS state. That's these cases:

https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy

Specifically steps 3, 4, 6 and 7. Explicitly allowing user agents to special case HTTPS state in these cases would resolve, for example:

https://github.com/w3c/webappsec-secure-contexts/issues/26

It would also be more consistent for a document's HTTPS state and Secure Context state to better to match up.

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/290

Received on Tuesday, 26 April 2016 00:29:18 UTC