- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Wed, 8 Apr 2015 19:58:40 +0200
- To: David Walp <David.Walp@microsoft.com>
- Cc: WebAppSec WG <public-webappsec@w3.org>
On Wed, Apr 8, 2015 at 7:38 PM, David Walp <David.Walp@microsoft.com> wrote: > Please, can you share which version of Internet Explorer you were working with? Not sure if you know that in Windows 10 there has been a focus on making the browser interoperable with the actual Web. A result of this work is a number of changes in the area you describe for the Windows 10 browser. I wanted to know if these changes were reflected in your analysis. I used IE11 on Windows 10. I ended up adding this to the specification by the way: https://fetch.spec.whatwg.org/#x-content-type-options-header There's still some open questions about which specifications should define the MIME type whitelists, but in general it should be pretty clear now how to implement it in a way that is mostly interoperable with IE11 (except for where it dispatches load rather than error and a few other minor things) and Chrome (when it comes to <script> anyway). -- https://annevankesteren.nl/
Received on Wednesday, 8 April 2015 17:59:04 UTC