Re: Proposal: Marking HTTP As Non-Secure from Monica Chew on 2014-12-18 (public-webappsec@w3.org from December 2014)

From: Monica Chew <mmc@mozilla.com>
Date: Thu, 18 Dec 2014 13:21:19 -0800
To: Adrienne Porter Felt <felt@chromium.org>
Cc: Chris Palmer <palmer@google.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>, blink-dev <blink-dev@chromium.org>, security-dev <security-dev@chromium.org>, "dev-security@lists.mozilla.org" <dev-security@lists.mozilla.org>
Message-ID: <CAGSmrUtURmNMaDga_1TS4nPpdVtDJJH5SdVWP9-o1FWU5wpDCQ@mail.gmail.com>

> I'm curious about the difference between the two browsers. My guess is
> that we're treating same-origin navigations differently, particularly
> fragment changes. Monica, is Firefox collapsing all same-origin navigations
> into a single histogram entry? Given that people spend a lot of time on a
> small number of popular (and HTTPS) sites, it would account for the
> different stats.
>

I don't think so.. This histogram is updated at
https://mxr.mozilla.org/mozilla-central/source/netwerk/protocol/http/nsHttpChannel.cpp#1385
..

Thanks,
Monica

Received on Friday, 19 December 2014 13:52:16 UTC