W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2016

Re: [referrer] Providing safer policy states

From: Anne van Kesteren <annevk@annevk.nl>
Date: Thu, 7 Apr 2016 08:43:21 +0200
Message-ID: <CADnb78hNiCnmqU3NdCqZSqBb8YD95swA=HuJnvmaVEGLfbKxxQ@mail.gmail.com>
To: "Emily Stark (Dunn)" <estark@google.com>
Cc: Mike West <mkwst@google.com>, Francois Marier <francois@mozilla.com>, Jochen Eisinger <eisinger@google.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On Wed, Apr 6, 2016 at 10:26 PM, Emily Stark (Dunn) <estark@google.com> wrote:
> On Tue, Apr 5, 2016 at 11:51 PM, Anne van Kesteren <annevk@annevk.nl> wrote:
>> How would you transition the Fetch API and HTML referrerpolicy attribute?
> Are there specific aspects of this or concerns that you're thinking about?

Backwards compatibility, mostly. Not entirely sure what JSON or enum
would be either for the API.

> One idea that had been thrown around is to always have referrer policies be
> quoted strings, so that they always parse as JSON. I'm not sure if that's
> what you're asking about though.

You mean requiring referrerpolicy=" 'origin' "? What would happen to

Received on Thursday, 7 April 2016 06:43:47 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:55 UTC