- From: Boris Zbarsky <bzbarsky@mit.edu>
- Date: Wed, 30 Sep 2015 14:04:59 -0400
- To: Jochen Eisinger <eisinger@google.com>, Anne van Kesteren <annevk@annevk.nl>
- Cc: Tanvi Vyas <tanvi@mozilla.com>, Mike West <mkwst@google.com>, Yoav Weiss <yoav@yoav.ws>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On 9/30/15 1:56 PM, Jochen Eisinger wrote: > An <img> doesn't suddenly load more resources. First of all, the proposal is that it in fact can for <svg> images. ;) But that's not what I was talking about. Say I have a document with a <meta referrer> policy. Then that policy gets changed. Then the script on the page does |var i = new Image(); i.src = something|. Which referrer is used for this load? Why should this case of a new resource load from the document via script any different from a new resource load from the document via suddenly matching a CSS rule that didn't use to match? > Also, the actual referrer url of the CSS doc doesn't change either if > you use history.pushState I'm not sure whether this is a specific comment about pushState or a comment about the fact that doing a pushState doesn't reload the CSS, or something else... -Boris
Received on Wednesday, 30 September 2015 18:05:30 UTC