- From: Boris Zbarsky <bzbarsky@mit.edu>
- Date: Wed, 30 Sep 2015 11:36:07 -0400
- To: Jochen Eisinger <eisinger@google.com>, Anne van Kesteren <annevk@annevk.nl>
- Cc: Tanvi Vyas <tanvi@mozilla.com>, Mike West <mkwst@google.com>, Yoav Weiss <yoav@yoav.ws>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On 9/30/15 11:33 AM, Jochen Eisinger wrote: > so what if one document references a stylesheet that references a font, > but the document doesn't use it. > > now another document (will different referrer policy) references the > same stylesheet, and actually uses the font. > > The referrer is the stylesheet. what should the policy be? In my opinion, the policy of the second document. Which should be fine, as long as the server properly sends "Vary: referrer" in cases in which it actually cares about the referrer (good luck to us with that). Why does it even matter that another document referenced the "same" stylesheet? The two documents have distinct stylesheet objects... -Boris
Received on Wednesday, 30 September 2015 15:36:39 UTC