Re: [whatwg/fetch] Set the HTTPS state to 'modern' for more things (#290) from Jonathan Watt on 2016-04-26 (public-webapps-github@w3.org from April 2016)

From: Jonathan Watt <notifications@github.com>
Date: Tue, 26 Apr 2016 04:42:12 -0700
To: whatwg/fetch <fetch@noreply.github.com>
Cc:
Message-ID: <whatwg/fetch/issues/290/214713882@github.com>

I'm thinking of solving the secure contexts issue I linked to by adding some text around where the Fetch spec has:

> If response was retrieved over HTTPS, set its HTTPS state to either "deprecated" or "modern".

In other word saying something along the lines of the following (apologies for the sloppy wording, but you get the idea):

> Also set HTTPS state to "modern" if response's URI's host component is or falls within "localhost." [RFC6761] or matches one of the CIDR notations 127.0.0.0/8 or ::1/128 [RFC4632], or the scheme of the URI is one which the user agent considers to be authenticated or has been configured as a trustworthy scheme.

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/290#issuecomment-214713882

Received on Tuesday, 26 April 2016 11:42:49 UTC