W3C home > Mailing lists > Public > public-webappsec@w3.org > March 2015

Re: [upgrade] return=secure-representation

From: Nottingham, Mark <mnotting@akamai.com>
Date: Mon, 16 Mar 2015 02:01:00 +0000
To: Mike West <mkwst@google.com>
CC: WebAppSec WG <public-webappsec@w3.org>
Message-ID: <FB85DD0F-76C5-49E2-9D07-A3100215214B@akamai.com>
WFM. The only thing is that it doesn't include wss: (etc.); that said, if the semantics are really "redirect me" not "send me a page with secure links", this should be fine (websockets doesn't have a concept of redirection).

Cheers,


> On 13 Mar 2015, at 7:53 pm, Mike West <mkwst@google.com> wrote:
> 
> On Fri, Mar 13, 2015 at 7:47 AM, Mike West <mkwst@google.com> wrote:
> > `Prefer: https`?
> 
> OooooooOOOoh
> 
> Is that a ghost that agrees with the suggestion?
> 
> Or a Mark running away in horror?
> 
> If the former, I'll change the spec today.
> 
> https://github.com/w3c/webappsec/commit/a0aa404a84a0eca2040246fcd805980461d327ae

> 
> -mike
> 
> --
> Mike West <mkwst@google.com>, @mikewest
> 
> Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth Flores
> (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)

--
Mark Nottingham    mnot@akamai.com    https://www.mnot.net/





Received on Monday, 16 March 2015 02:01:37 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:11 UTC