- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Mon, 10 Nov 2014 11:36:20 +0100
- To: Jochen Eisinger <eisinger@google.com>
- Cc: Mike West <mkwst@google.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>, Devdatta Akhawe <dev.akhawe@gmail.com>, Brian Smith <brian@briansmith.org>
On Mon, Nov 10, 2014 at 11:32 AM, Jochen Eisinger <eisinger@google.com> wrote: > I'm not sure that introducing additional complexity into the referrer policy > spec is worthwhile. I see the referrer policy as working around some > short-comings for websites moving to https, but I don't think that referrers > in general are such a great feature that we should make it more compelling > to use. I don't necessarily disagree with that. But the last time this came up the question was raised whether those sites are concerned about not being exposed through navigation or not being exposed through either navigation or subresources. If it is only about navigation, it seems unfortunate to also leak the URL through potentially unsafe subresources. -- https://annevankesteren.nl/
Received on Monday, 10 November 2014 10:36:47 UTC