On 9/19/13 11:30 AM, Daniel Veditz wrote:
At the moment, hard; trivial once we support the CSP 1.1 tag
feature. Well, actually, adding the CSP policies isn't going to be the
hard part, fixing up all the pages will take a lot of work.
In the absence of the meta tag, can we hard code policies i
Le 23/09/2013 10:42, ianG a écrit :
And yes, once HTTPS is indicated on the original request, it has to
maintain SSL/TLS protection across the lot, otherwise the security
claim is broken.
That's not the case already, so there should not be an exception for
WebSockets.
In my case this force
On 23/09/13 11:21 AM, Aymeric Vitte wrote:
Please see: https://bugzilla.mozilla.org/show_bug.cgi?id=917829
I think I have detailed already in the bug report why it does not
necessary make sense to forbid ws from a https page, for your review and
comments.
The problem might be that when you sw
Please see: https://bugzilla.mozilla.org/show_bug.cgi?id=917829
I think I have detailed already in the bug report why it does not
necessary make sense to forbid ws from a https page, for your review and
comments.
Regards,
Aymeric
--
jCore
Email : avi...@jcore.fr
Peersm : http://www.peersm.
