Re: UPGRADE: 'HTTPS' header causing compatibility issues. from Martin Thomson on 2015-07-09 (public-webappsec@w3.org from July 2015)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Wed, 8 Jul 2015 21:54:31 -0700
To: Richard Barnes <rbarnes@mozilla.com>
Cc: Mike West <mkwst@google.com>, Tanvi Vyas <tanvi@mozilla.com>, Brian Smith <brian@briansmith.org>, Adrian Hope-Bailie <adrian@hopebailie.com>, Ilya Grigorik <igrigorik@google.com>, Anne van Kesteren <annevk@annevk.nl>, "Nottingham, Mark" <mnotting@akamai.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>, Christoph Kerschbaumer <ckerschbaumer@mozilla.com>
Message-ID: <CABkgnnXM0LHSztURMUek-Mzni_RrSFWT5ix54jYXVANoWMkB0w@mail.gmail.com>

On 8 July 2015 at 21:44, Richard Barnes <rbarnes@mozilla.com> wrote:
> If the web can live with "Referer", it can live with this.  But it seems
> roughly the same order of magnitude.  It makes me "sic" :)

Sounds about right. Find another perspective, like 'update-to-secure'
if you want to avoid seeming insecure.

Received on Thursday, 9 July 2015 04:55:06 UTC