W3C home > Mailing lists > Public > public-webappsec@w3.org > October 2014

Re: [MIX] Is origin an authenticated origin?

From: Anne van Kesteren <annevk@annevk.nl>
Date: Thu, 23 Oct 2014 15:35:01 +0200
Message-ID: <CADnb78iq-OrJ9Zwwc+DPhBbEYWFM2LOFv1V3Avu_U7fDAA2vgQ@mail.gmail.com>
To: Mike West <mkwst@google.com>
Cc: WebAppSec WG <public-webappsec@w3.org>

On Thu, Oct 23, 2014 at 3:32 PM, Mike West <mkwst@google.com> wrote:
> Chrome simply refuses to connect to anything it considers weak or
> deprecated, which simplifies the mixed content logic dramatically.

Right, you can just check for "https" / "wss". Is there a browser that
does not follow this approach?


-- 
https://annevankesteren.nl/

Received on Thursday, 23 October 2014 13:35:32 UTC

This message: [ Message body ]
Next message: Mike West: "Re: [MIX] Is origin an authenticated origin?"
Previous message: Mike West: "Re: [MIX] Is origin an authenticated origin?"
In reply to: Mike West: "Re: [MIX] Is origin an authenticated origin?"
Next in thread: Mike West: "Re: [MIX] Is origin an authenticated origin?"
Reply: Mike West: "Re: [MIX] Is origin an authenticated origin?"

Mail actions: [ respond to this message ] [ mail a new topic ]
Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
Help: [ How to use the archives ] [ Search in the archives ]

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:41 UTC