[Webkit-unassigned] [Bug 142412] New: [GTK] Allow mixed content when the TLS connection is unauthenticated
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Mar 6 14:40:28 PST 2015
https://bugs.webkit.org/show_bug.cgi?id=142412
Bug ID: 142412
Summary: [GTK] Allow mixed content when the TLS connection is
unauthenticated
Classification: Unclassified
Product: WebKit
Version: 528+ (Nightly build)
Hardware: PC
OS: Linux
Status: NEW
Severity: Normal
Priority: P2
Component: WebKit Gtk
Assignee: webkit-unassigned at lists.webkit.org
Reporter: mcatanzaro at igalia.com
Another difference between our behavior and http://w3c.github.io/webappsec/specs/mixedcontent/
If the TLS connection is unauthenticated, there is no point in blocking mixed content. This will result in a confusing situation for browser UIs (are they supposed to display both a shield and a broken lock? but there is no point in having a shield to "protect" you from mixed content on an unauthenticated connection!), so we really should allow it in this case.
This will likely need to be implemented separately for each port, but other ports very probably want this too.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20150306/1907a2dd/attachment-0002.html>
More information about the webkit-unassigned
mailing list