W3C home > Mailing lists > Public > public-webappsec@w3.org > September 2014

Re: Redirects and HSTS

From: Anne van Kesteren <annevk@annevk.nl>
Date: Fri, 26 Sep 2014 14:24:54 +0200
Message-ID: <CADnb78jvMeR4QKSQXRAWiyx6yMBupSFjj-MV8OrcdO0RtjAMGg@mail.gmail.com>
To: Mike West <mkwst@google.com>
Cc: WebAppSec WG <public-webappsec@w3.org>
On Fri, Sep 26, 2014 at 2:15 PM, Mike West <mkwst@google.com> wrote:
> Yes, I think that's true.

Perhaps Gecko's stance that HSTS rewriting happens after Mixed Content
is correct. At least for non-same-origin HSTS. :-(

(Sorry about the offlist reply.)


-- 
https://annevankesteren.nl/
Received on Friday, 26 September 2014 12:25:22 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:06 UTC