W3C home > Mailing lists > Public > whatwg@whatwg.org > November 2010

[whatwg] Encrypted HTTP and related security concerns - make mixed content warnings accessible from JS?

From: timeless <timeless@gmail.com>
Date: Thu, 11 Nov 2010 21:19:56 +0200
Message-ID: <AANLkTinh3nH1YrZ5Tx361iCzQ00cAv2=i4zy8CPFgvZ4@mail.gmail.com>
On Thu, Nov 11, 2010 at 12:17 PM, Ingo Chao <i4chao at googlemail.com> wrote:
> For automated error reporting, say for a HTTPS mashup page with 3rd
> party advertisement content, I would like to have a security warning
> thrown for the mixed content situation (HTTPS mixed with HTTP
> content), accessible from JavaScript.
>
> Would that be possible to specify?

sounds like it's asking for information disclosure.

so offhand, i'd say "no".

Use a web debugger (DragonFly, Firebug, ...).
Received on Thursday, 11 November 2010 11:19:56 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:28 UTC