On Tue, Jul 28, 2015 at 7:38 PM, Anne van Kesteren <annevk@annevk.nl> wrote: > > In particular, my understanding of what was agreed is that a service > worker > > should be allowed to forward (unmodified) http:// requests for <img > src>, > > <video src>, and <audio src>, but otherwise any other http:// fetch in > an > > HTTPS document should be disallowed. But it is unclear that that is what > the > > document says. > > That doesn't really match my understanding. > What is your understanding of what we agreed on earlier in the thread? Brian's description matches my understanding of what we talked about in https://lists.w3.org/Archives/Public/public-webappsec/2015Jul/0123.html. -mike -- Mike West <mkwst@google.com>, @mikewest Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth Flores (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)
Received on Thursday, 30 July 2015 08:02:45 UTC