Re: [REFERRER] origin-when-crossorigin OR origin-when-cross-origin from Mike West on 2015-05-12 (public-webappsec@w3.org from May 2015)

From: Mike West <mkwst@google.com>
Date: Tue, 12 May 2015 05:13:25 +0200
To: Sid Stamm <sid@mozilla.com>
Cc: Jerry Qu <quguangyu@gmail.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <CAKXHy=cs2ZBU=wCMrgVsMya=60bfu6k-otatQOrrKiPAE7vSGQ@mail.gmail.com>

On Mon, May 11, 2015 at 9:00 PM, Sid Stamm <sid@mozilla.com> wrote:

> So to be absolutely clear, this means there should always be a dash
> between "cross" and "origin" in the referrer policy tokens, right?
>

Yes. That was a typo in the spec.

Since Chrome already ships `-crossorigin` and sites already use it, we'll
probably need to leave that alias in as well, though. Sorry about that. My
fault. :/

-mike

--
Mike West <mkwst@google.com>, @mikewest

Google Germany GmbH, Dienerstrasse 12, 80331 München,
Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der
Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth
Flores
(Sorry; I'm legally required to add this exciting detail to emails. Bleh.)

Received on Tuesday, 12 May 2015 03:14:12 UTC