- From: Boris Zbarsky <bzbarsky@mit.edu>
- Date: Wed, 7 Oct 2015 10:25:27 -0400
- To: Jochen Eisinger <eisinger@google.com>, Anne van Kesteren <annevk@annevk.nl>
- Cc: Tanvi Vyas <tanvi@mozilla.com>, Mike West <mkwst@google.com>, Yoav Weiss <yoav@yoav.ws>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On 10/7/15 10:19 AM, Jochen Eisinger wrote: > 1) create a stylesheet, update the referrer URL (using the history API), > insert an element that matches a rule which loads an external resource > > Here, Chrome and Firefox use the URL from before the history API > modifications. So just to make sure we're talking about the same thing, you were using a <style> element here, not a <link> element? > I think in any case, referrer and referrer policy should behave the > same. Anne raised the point on IRC that it's odd to ignore changes, so I > propose to spec that both the referrer URL as well as the referre! r > policy from when the network request is triggered should be used. I think we should be clear on whether we're talking about the <style> element case, the <link> element case, or the @import case. We should specify behavior for all of these. -Boris
Received on Wednesday, 7 October 2015 14:26:00 UTC