Open
Bug 1177856
Opened 9 years ago
Updated 2 years ago
Cache API should implement full secure settings trust checks
Categories
(Core :: Storage: Cache API, enhancement)
Core
Storage: Cache API
Tracking
()
NEW
People
(Reporter: bkelly, Unassigned)
Details
In bug 1175138 we implemented a simple scheme check for "trusted" origins. This helps with the goal of deprecating http, but its easily bypassed.
We should implement the full secure settings algorithm as defined here:
https://w3c.github.io/webappsec/specs/powerfulfeatures/#settings-secure
Assignee | ||
Updated•6 years ago
|
Component: DOM → DOM: Core & HTML
Updated•5 years ago
|
Component: DOM: Core & HTML → Storage: Cache API
Updated•5 years ago
|
Type: defect → enhancement
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•