W3C home > Mailing lists > Public > public-webappsec@w3.org > May 2015

Re: [REFERRER] origin-when-crossorigin OR origin-when-cross-origin

From: Mike West <mkwst@google.com>
Date: Tue, 12 May 2015 05:13:25 +0200
Message-ID: <CAKXHy=cs2ZBU=wCMrgVsMya=60bfu6k-otatQOrrKiPAE7vSGQ@mail.gmail.com>
To: Sid Stamm <sid@mozilla.com>
Cc: Jerry Qu <quguangyu@gmail.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On Mon, May 11, 2015 at 9:00 PM, Sid Stamm <sid@mozilla.com> wrote:

> So to be absolutely clear, this means there should always be a dash
> between "cross" and "origin" in the referrer policy tokens, right?

Yes. That was a typo in the spec.

Since Chrome already ships `-crossorigin` and sites already use it, we'll
probably need to leave that alias in as well, though. Sorry about that. My
fault. :/


Mike West <mkwst@google.com>, @mikewest

Google Germany GmbH, Dienerstrasse 12, 80331 München,
Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der
Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth
(Sorry; I'm legally required to add this exciting detail to emails. Bleh.)
Received on Tuesday, 12 May 2015 03:14:12 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:49 UTC