[Webkit-unassigned] [Bug 179049] New: `<picture>` and `<img srcset>` ought to be treated as "blockable" mixed content.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Oct 31 01:58:04 PDT 2017
https://bugs.webkit.org/show_bug.cgi?id=179049
Bug ID: 179049
Summary: `<picture>` and `<img srcset>` ought to be treated as
"blockable" mixed content.
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: WebCore Misc.
Assignee: webkit-unassigned at lists.webkit.org
Reporter: mkwst at chromium.org
The Mixed Content spec carves out blockable subsets of `<img>` (step 4 of https://w3c.github.io/webappsec-mixed-content/#should-block-fetch) as a first step towards tightening mixed content restrictions more generally. WebKit currently treats these as optionally-blockable.
See, for example, tests at https://w3c-test.org/mixed-content/picture-tag/no-opt-in/same-host-http/top-level/swap-scheme-redirect/blockable/no-opt-in-blocks.https.html and https://w3c-test.org/mixed-content/imageset.https.sub.html, which Chrome and Firefox currently agree on.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20171031/20a5c2a8/attachment.html>
More information about the webkit-unassigned
mailing list