W3C home > Mailing lists > Public > public-webappsec@w3.org > July 2015

Re: CfC: Republish MIX as CR; deadline July 29th.

From: Anne van Kesteren <annevk@annevk.nl>
Date: Tue, 28 Jul 2015 19:38:57 +0200
Message-ID: <CADnb78gK6Y+1_Eh+EACL9yh2jJhE4_w+D2-A3EDd4=zv7-tfDQ@mail.gmail.com>
To: Brian Smith <brian@briansmith.org>
Cc: Mike West <mkwst@google.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>, Wendy Seltzer <wseltzer@w3.org>, Dan Veditz <dveditz@mozilla.com>, Brad Hill <hillbrad@gmail.com>
On Tue, Jul 28, 2015 at 7:29 PM, Brian Smith <brian@briansmith.org> wrote:
> Me misunderstanding it is exactly my point: it is very unclear what behavior
> is actually being specified, and it should be changed to be more clear.

I understand that is your point and I would like to make it more
clear. But saying "it's unclear" doesn't help me.


> In particular, my understanding of what was agreed is that a service worker
> should be allowed to forward (unmodified) http:// requests for <img src>,
> <video src>, and <audio src>, but otherwise any other http:// fetch in an
> HTTPS document should be disallowed. But it is unclear that that is what the
> document says.

That doesn't really match my understanding.


-- 
https://annevankesteren.nl/
Received on Tuesday, 28 July 2015 17:39:20 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:13 UTC