Re: [SRI] Escaping mixed-content blocking for video distribution

On Thu, Nov 13, 2014 at 11:16 AM, Mike West <mkwst@google.com> wrote:
> It's not clear to me where we ended up in that conversation. My suggestion
> was that we allow requests based on the request context: if the user agent
> would block script, then block insecure script requests from a SW. If the
> user agent would display images, don't block insecure image requests from a
> SW.

We have not tied it to the response in some way and then enforce at
the API layer that only certain responses can be used, so I don't
think that strategy would work, unless we design things differently...


-- 
https://annevankesteren.nl/

Received on Thursday, 13 November 2014 10:40:44 UTC