Re: [SRI] Escaping mixed-content blocking for video distribution

On Wed, Nov 12, 2014 at 11:39 PM, Brian Smith <> wrote:
> AFAICT. In order for browsers to be able to appropriately scope the
> allowance for mixed content that you are asking for, a purely
> declarative mechanism for MSE would be needed.

While we are being speculative, we could offer

  xhr.responseType = "mse"
  xhr.onload = function() {
    video.feedBytes(xhr.response) // prolly has other name than feedBytes

with xhr.response being an opaque object that only the browser can read from.

However, it seems rather weird to offer such a thing just because
Netflix can't TLS like YouTube can.


Received on Thursday, 13 November 2014 09:46:06 UTC