- From: Franklin Tse <franklinwhale@hotmail.com>
- Date: Mon, 07 Mar 2016 09:31:42 +0100
- To: site-comments@w3.org
Hello, w3.org can now be viewed in HTTPS and there is a Content Security Policy asking browsers to upgrade insecure requests across the site. I note that "Upgrade Insecure Requests" is currently a W3C Candidate Recommendation and some browsers have implemented it. However, that means some browsers have not implemented the directive, and as a result users of those browsers encounter broken pages, especially for those who have strict mixed content checking enabled. Enabling HTTPS is good, and "Upgrade Insecure Requests" appears to provide an easier way for website administrators to enable HTTPS. I agree that there is a need to promote and experience it, but I think there has to be a balance between using cutting-edge technology and maintaining a reasonably wide range of viewers. One of the primary objectives to come to w3.org is for accessing the W3C specifications. W3C should update the paths of stylesheets and images on W3C specifications and notes to relative links, so that browsers that do not support Upgrade Insecure Requests can load W3C specifications properly. Regards, Franklin Tse
Received on Monday, 7 March 2016 08:47:43 UTC