W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2015

Re: [MIX] Require HTTPS scripts to be able to anything HTTP scripts can do.

From: Boris Zbarsky <bzbarsky@mit.edu>
Date: Mon, 05 Jan 2015 13:34:12 -0500
Message-ID: <54AAD924.2050309@mit.edu>
To: Anne van Kesteren <annevk@annevk.nl>
CC: WebAppSec WG <public-webappsec@w3.org>
On 1/5/15 1:15 PM, Anne van Kesteren wrote:
> I thought we disabled CORS cross-scheme?

Oh, hmm.  I wasn't aware of that.  If so, then indeed you can't get 
access to the image data.

-Boris
Received on Monday, 5 January 2015 18:34:42 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:09 UTC