+1
On Fri, Jul 17, 2015 at 4:45 AM Mike West <mkwst@google.com> wrote:
> I'm reliably informed that I'm simply incorrect about Chrome's behavior:
> Alex says that Flipboard is already using a Service Worker, and relies on
> the ability to cache insecure image content. That surprises me a bit, since
> the mixed content implementation in Blink doesn't have an obvious
> exclusion, but I don't doubt his claim.
>
> Nevertheless, I believe we decided in the F2F earlier this week to
> transition the document to PR as it stands, and to come back to the
> question of exclusions (both for SW and for things like EME) in a "Level 2"
> document (Brad, Wendy, does that match your recollection?).
>
> -mike
>
> --
> Mike West <mkwst@google.com>, @mikewest
>
> Google Germany GmbH, Dienerstrasse 12, 80331 München,
> Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der
> Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth
> Flores
> (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)
>
> On Wed, Jul 8, 2015 at 8:52 PM, Brian Smith <brian@briansmith.org> wrote:
>
>> Brian Smith <brian@briansmith.org> wrote:
>>
>>> Read what Mike said again. He said that it might be something to change
>>> in the NEXT version of Mixed Content, not the current version. He also said
>>> that mixed content "fetch" is blocked in Chrome the way the current draft
>>> says to do things.
>>>
>>
>> Reading the source code for the Mozilla Firefox browser [1], I see that
>> Firefox has also explicitly chosen to block mixed-content 'fetch'.
>>
>> (I also saw that it is mistakenly not blocking mixed content 'beacon' and
>> 'ping'. I filed bug
>>
>> [1]
>> https://dxr.mozilla.org/mozilla-central/source/dom/security/nsMixedContentBlocker.cpp#423
>> [2] https://bugzilla.mozilla.org/show_bug.cgi?id=1181683
>>
>
>