Quoted Referrer-Policy values from Emily Stark (Dunn) on 2016-08-31 (public-webappsec@w3.org from August 2016)

From: Emily Stark (Dunn) <estark@google.com>
Date: Wed, 31 Aug 2016 09:26:46 -0700
To: "public-webappsec@w3.org" <public-webappsec@w3.org>, Francois Marier <francois@mozilla.com>, Mike West <mkwst@google.com>, Franziskus Kiefer <fkiefer@mozilla.com>, Anne van Kesteren <annevk@annevk.nl>
Message-ID: <CAPP_2Sbk0boo+MVr7p2NMnBatvNBtvfKu5T8NKKoTf3n1yRAeg@mail.gmail.com>

For the value of the Referrer-Policy header, Mike pointed out that there
was some agreement to quote the values (`Referrer-Policy: "unsafe-url"`),
but that never actually made it into the spec. (My bad.) See
https://github.com/w3c/webappsec-referrer-policy/issues/65.

I would like to do this to be forwards-compatible in case we later want to
introduce a more flexible JSON based-syntax. Mozilla folks, are you
willing/able to consider changing the Firefox implementation?

Thanks,
Emily

Received on Wednesday, 31 August 2016 16:27:37 UTC