[Webkit-unassigned] [Bug 171934] Content from loopback addresses (e.g. 127.0.0.1) should not be considered mixed content
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Aug 15 21:52:06 PDT 2018
https://bugs.webkit.org/show_bug.cgi?id=171934
--- Comment #30 from antoine at thirdshelf.com ---
Indeed “new” here but not new to web browser development - ex-Firefox dev here, back when IE was still dominant. :) I’m very proud of what we achieved in the past 20 years but disheartened when a read such a thread.
I’m truly baffled by the “I myself personally didn’t encounter any use cases so it’s obviously useless to the world” argument. I thought the web community had moved past that.
Im also baffled by some of the “security concerns” I read here. “If a Trojan is installed on the computer...”. If a Trojan is installed you have bigger things to worry about. If a decision is made in the name of security, shouldn’t a security body review it? And to that point... didn’t one ALREADY REVIEW this exact point? Have there been counter examples? Attacks in the wild? Zero day exploits? Or are we just thinking of the children?
Even looking at the future of the web, there are drafts in development to actively let the browser talk to hardware - whether Bluetooth, USB, or even through raw tcp sockets. Thinking that browsers should be banned from hardware communication is curing the disease by killing the patient. And also going against a major trend in the future of the web. Yay for native apps?
Once again: can we follow the spec and not break the web even further? Please?
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20180816/9c2e9008/attachment.html>
More information about the webkit-unassigned
mailing list