- From: Mohammedalduhamshi via GitHub <sysbot+gh@w3.org>
- Date: Sat, 23 Nov 2024 02:30:46 +0000
- To: public-webauthn@w3.org
> [mozilla/standards-positions#1052 (comment)](https://github.com/mozilla/standards-positions/issues/1052#issuecomment-2412388864) > > Addresses Mozilla's feedback around Related Origins. > > * Requires well-known to be served via HTTPS by the RP > * Requires `https:` scheme for all well-known calls by the client > * Requires `https:` for all redirects > * Requires calls by client to well-known endpoint to not be credentialed and not include referrer > > /ghcc @dveditz > > The following tasks have been completed: > > * [ ] Modified Web platform tests ([link](https://github.com/web-platform-tests/wpt/)) > > Implementation commitment: > > * [ ] WebKit ([link to issue](https://bugs.webkit.org/)) > * [ ] Chromium ([link to issue](https://issues.chromium.org/issues/new?component=1456855&template=0)) > * [ ] Gecko ([link to issue](https://bugzilla.mozilla.org/home)) > > Documentation and checks > > * [x] Affects privacy > * [x] Affects security > * [x] Updated explainer ([link](https://github.com/w3c/webauthn/wiki/Explainer:-Related-origin-requests)) > > [Preview](https://pr-preview.s3.amazonaws.com/w3c/webauthn/pull/2186.html) | [Diff](https://pr-preview.s3.amazonaws.com/w3c/webauthn/2186/efdf948...241833d.html) -- GitHub Notification of comment by Mohammed-Alanazisa Please view or discuss this issue at https://github.com/w3c/webauthn/pull/2186#issuecomment-2495229139 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Saturday, 23 November 2024 02:30:47 UTC