- From: Mike West <notifications@github.com>
- Date: Thu, 26 Jul 2018 20:10:43 +0000 (UTC)
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 26 July 2018 20:11:07 UTC
@slightlyoff > Would this header be restricted to secure contexts? Yes. I had this in the explainer, but not in the spec: fixed in https://github.com/mikewest/sec-metadata/commit/70f9c34ad9d8e695d162c7d226dfd9c2c84aa5f5, thanks! @mnot > It looks like we're going to add bare identifiers back into Structured Headers, FWIW. Ah! That would drop some quotes from the serialization, which would be nice! For completeness, and to follow up on a conversation earlier today: if we care more about the header size than usability or readability, we can treat this header as containing a boolean (`cause`), an 18-value enum (`destination`), a 3-value enum (`site`), and a boolean (`target`), so we can stuff it into an ~7 bit mask, and base64url encode it as a binary structured header (e.g. `Sec-Metadata: cause="user-activated", destination="document", site="same-origin", target="top-level"` => `1 010 00 1` => `Sec-Metadata: *UQ*`). That's a thing we could do. I'm not sure it's a good idea. @travisleithead seemed to be in favor of the more verbose description. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/280#issuecomment-408220264
Received on Thursday, 26 July 2018 20:11:07 UTC