W3C home > Mailing lists > Public > public-webappsec@w3.org > July 2016

Re: [Proposal]: Set origin-wide policies via a manifest.

From: Ilya Grigorik <ilya@igvita.com>
Date: Thu, 28 Jul 2016 00:55:18 +0200
Message-ID: <CAKRe7JEpvHc38UF=vHt6Dmi8kM6M8kGCUebBrHV7=vDwwpHcUw@mail.gmail.com>
To: Brad Hill <hillbrad@gmail.com>
Cc: Anne van Kesteren <annevk@annevk.nl>, Mike West <mkwst@google.com>, Joel Weinberger <jww@google.com>, Devdatta Akhawe <dev.akhawe@gmail.com>, "Mike O'Neill" <michael.oneill@baycloud.com>, "public-webappsec@w3.org" <public-webappsec@w3.org> 
On Thu, Jul 28, 2016 at 12:43 AM, Brad Hill <hillbrad@gmail.com> wrote:

> 2) Another smart person at FB points out that the benefit of having the
> client send which version it is currently enforcing for the domain is that
> you can avoid having to do an H2 push for every request to avoid blocking.
> Seems like a big deal, so maybe the "cookie-like" semantics are a big win,
> after all.


Yep, big +1 to that.
Received on Wednesday, 27 July 2016 22:56:30 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:20 UTC