- From: Brian Smith <brian@briansmith.org>
- Date: Tue, 22 Jul 2014 12:42:02 -0700
- To: Mike West <mkwst@google.com>
- Cc: Jake Archibald <jaffathecake@gmail.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On Tue, Jul 22, 2014 at 2:54 AM, Mike West <mkwst@google.com> wrote: > I've pushed > https://github.com/w3c/webappsec/commit/63b19a728191e74059c190d2769f7cf44e3a0fec > in an attempt to resolve the two items this thread raised. It drops the > 'active'/'passive' distinction as we've previously discussed, and blocks > CORS-enabled mixed requests. > > Does the current draft (https://w3c.github.io/webappsec/specs/mixedcontent/) > accurately capture the intent of those two proposals? I also think that the changes are good and that the document is moving in the right direction. Cheers, Brian
Received on Tuesday, 22 July 2014 19:42:29 UTC