W3C home > Mailing lists > Public > public-webappsec@w3.org > October 2014

Re: [MIX] 5.1 Does settings object restrict mixed content?

From: Anne van Kesteren <annevk@annevk.nl>
Date: Thu, 30 Oct 2014 17:28:25 +0100
Message-ID: <CADnb78h3L97jOuqbxvrW9xb+ke+eCL=Lsz7frF1Dr5tEz261cA@mail.gmail.com>
To: Ian Hickson <ian@hixie.ch>
Cc: WebAppSec WG <public-webappsec@w3.org>
On Thu, Oct 30, 2014 at 5:23 PM, Ian Hickson <ian@hixie.ch> wrote:
> Why would this be a problem? If you navigate the top-level browsing
> context the embedded stuff becomes irrelevant, no?

1) The document can still be alive in terms of history, no?

2) If it invoked sendBeacon() or <a ping> triggered at that point,
such a mixed content check still seems relevant.


-- 
https://annevankesteren.nl/
Received on Thursday, 30 October 2014 16:28:52 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:07 UTC