- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Mon, 18 Aug 2014 09:56:08 +0200
- To: WebAppSec WG <public-webappsec@w3.org>
- Cc: Jonas Sicking <jonas@sicking.cc>, Brian Smith <brian@briansmith.org>
Jonas raised this over on the WHATWG list: http://lists.w3.org/Archives/Public/public-whatwg-archive/2014Aug/0107.html On http://wiki.whatwg.org/wiki/Meta_referrer "always" has an annotation that it will include a referrer even when going from HTTPS to HTTP. "origin" has no such annotation. Per the new Referrer Policy draft it seems Origin Only would need such an annotation. I guess the question is whether this change in policy is desired or whether they should be distinct settings. -- http://annevankesteren.nl/
Received on Monday, 18 August 2014 07:56:35 UTC