- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Tue, 10 Jan 2012 15:15:18 -0500
On 1/10/12 2:49 PM, Adam Barth wrote: > On Mon, Jan 9, 2012 at 10:02 PM, Boris Zbarsky<bzbarsky at mit.edu> wrote: >> On 1/10/12 12:48 AM, Tantek ?elik wrote: >>> Should 'beforeload'/'afterload' be explicitly specified and added to >>> the web platform? >> >> Outside of extensions, what are the use cases? Can they usefully labor >> under restrictions like knowing the URI to be loaded but not the context >> it's being loaded in? AdBlock apparently can in at least some cases, yes? > > Some web sites use beforeload to monitor for mixed content > vulnerabilities. In some cases, they block the load Do they really need to block the load, or block processing of the response? For the mixed-content case, it seems like blocking processing of the response is enough (and that furthermore only the URI is needed, not the actual element, to detect mixed-content cases). -Boris
Received on Tuesday, 10 January 2012 12:15:18 UTC