W3C home > Mailing lists > Public > public-webappsec@w3.org > September 2015

Re: [mixed-content] DASH Players and Mixed Content

From: Anne van Kesteren <annevk@annevk.nl>
Date: Fri, 18 Sep 2015 16:02:36 +0200
Message-ID: <CADnb78ifp8QfjSaSu26a=eSXaNThQ17g78R4Siidd5jbPx1uSg@mail.gmail.com>
To: "Nottingham, Mark" <mnotting@akamai.com>
Cc: Brad Hill <hillbrad@gmail.com>, Ben Gidley <ben@gidley.co.uk>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On Fri, Sep 18, 2015 at 3:47 PM, Nottingham, Mark <mnotting@akamai.com> wrote:
> On 18 Sep 2015, at 3:04 am, Anne van Kesteren <annevk@annevk.nl> wrote:
>> Do you mean that the majority of streaming going forward will not go
>> over HTTPS? Or that it will go over HTTPS but that CORS or same-origin
>> is impossible? Because in all other scenarios we're not dealing with
>> opaque responses.
> This was in relation to Ryan's proposal for Video over HTTP for HTTPS pages:
>  https://lists.w3.org/Archives/Public/public-webappsec/2015Feb/0371.html

Does that you mean you expect the majority of streaming going forward
to not use HTTPS? And in addition, that you need access to the
contents of Mixed Content streams (whereas CORS currently isn't
available for Mixed Content)?

Received on Friday, 18 September 2015 14:03:07 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:51 UTC