W3C home > Mailing lists > Public > public-webappsec@w3.org > October 2015

Re: Referrer value for resources fetched from CSS

From: Anne van Kesteren <annevk@annevk.nl>
Date: Mon, 5 Oct 2015 17:33:05 +0200
Message-ID: <CADnb78hqt9qcTw6_3BJvz+BKz+5sEx=-L_xW9DDC+604sr7g4w@mail.gmail.com>
To: Boris Zbarsky <bzbarsky@mit.edu>
Cc: Jochen Eisinger <eisinger@google.com>, Tanvi Vyas <tanvi@mozilla.com>, Mike West <mkwst@google.com>, Yoav Weiss <yoav@yoav.ws>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On Mon, Oct 5, 2015 at 5:19 PM, Boris Zbarsky <bzbarsky@mit.edu> wrote:
> Of course that may involve
> changes to the specs that define that the load happens.  :(

To be clear, we need those either way. E.g., as long as CSS doesn't
define how it uses Fetch, it technically doesn't invoke service
workers, it technically doesn't apply CSP, it technically doesn't
abide by Mixed Content blocking, it technically doesn't support HSTS,

Received on Monday, 5 October 2015 15:33:33 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:52 UTC