Johnathan Nightingale wrote on 7/24/2009 9:26 AM: > On regular http connections, this kind of disclosure is obviously > inevitable since the page contents themselves are visible to > eavesdroppers, but when the connection is over https, there is a > reasonable expectation of some privacy, so we try to preserve it as much > as possible.
Great, thanks for the explanation. - Bil _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security