- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Thu, 30 Oct 2014 15:03:03 +0100
- To: WebAppSec WG <public-webappsec@w3.org>
- Cc: Ian Hickson <ian@hixie.ch>
http://w3c.github.io/webappsec/specs/mixedcontent/#categorize-settings-object 1) Should this not also consider the state "deprecated authentication"? 2) A browsing context has a set of documents associated with it. So e.g. if /a has an <iframe> with /embed and then the user navigates from /a to /b while something in /embed requires a restrict mixed content check, we might end up with a problem. Not sure how to solve this. Ian? -- https://annevankesteren.nl/
Received on Thursday, 30 October 2014 14:03:30 UTC