<div dir="ltr">Apologies for digging up an old thread; I didn&#39;t see it until now.<br><br>On Thu, Jul 24, 2014 at 7:59 AM, Alexey Proskuryakov &lt;<a href="mailto:ap@webkit.org">ap@webkit.org</a>&gt; wrote:<br>&gt; In other words, how is &quot;active content&quot; defined here?<br>

<br>Note that the WebAppSec WG is working on a mixed content spec that drops the &quot;active&quot;/&quot;passive&quot; distinction in favor of &quot;stuff we can block without breaking the web&quot;/&quot;images&quot;: <a href="http://w3c.github.io/webappsec/specs/mixedcontent/#categories">http://w3c.github.io/webappsec/specs/mixedcontent/#categories</a> Feedback on that document would be welcome.<br>

<br>As Michael notes in his response, Chrome is busy tightening its implementation to match that spec. Some details on that in <a href="https://groups.google.com/a/chromium.org/d/msg/security-dev/Uxzvrqb6IeU/wb51F3nV7csJ">https://groups.google.com/a/chromium.org/d/msg/security-dev/Uxzvrqb6IeU/wb51F3nV7csJ</a><br>

<br>-mike</div>