W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2016

Re: [referrer] Providing safer policy states

From: Anne van Kesteren <annevk@annevk.nl>
Date: Fri, 8 Apr 2016 04:25:49 +0200
Message-ID: <CADnb78jBHeqHyHxqJ9DsMQsUsd05N=zTc1ATt7mpvf19=bcR=w@mail.gmail.com>
To: "Emily Stark (Dunn)" <estark@google.com>
Cc: Mike West <mkwst@google.com>, Francois Marier <francois@mozilla.com>, Jochen Eisinger <eisinger@google.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On Fri, Apr 8, 2016 at 12:06 AM, Emily Stark (Dunn) <estark@google.com> wrote:
> I was thinking maybe we could deprecate the latter (continue to support it
> for a while, maybe with a console warning, and eventually drop support).
> When parsing a referrer policy, we could first check if it matches one of
> the enum values, and if not, then parse it as JSON. If it neither matches an
> enum value nor parses as JSON, then we just ignore it.

That doesn't sound great to me. The new syntax is more complicated and
this is a feature we just introduced. If we start deprecating it now
developers would likely get upset and lose some trust in the platform.

Received on Friday, 8 April 2016 02:26:16 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:55 UTC