On 6/7/2011 5:52 PM, Adam Barth wrote:
On Tue, Jun 7, 2011 at 5:43 PM, Brian Smithbsm...@mozilla.com wrote:
Adam Barth wrote:
On 5/31/2011 8:24 AM, Brian Smith wrote:
We have also discussed blocking https+ws:// content completely in
our
WebSockets implementation, so that all WebSockets on a
On Wed, Jun 8, 2011 at 8:40 AM, Christopher Blizzard
blizz...@mozilla.com wrote:
On 6/7/2011 5:52 PM, Adam Barth wrote:
On Tue, Jun 7, 2011 at 5:43 PM, Brian Smithbsm...@mozilla.com wrote:
Adam Barth wrote:
On 5/31/2011 8:24 AM, Brian Smith wrote:
We have also discussed blocking https+ws://
It seems fine to me to block ws:// in https pages as long as there are
available workarounds for people who have a legitimate reason to access
ws:// from an https page. I think you can do that with an iframe to an HTTP
page, using postMessage to pass the web socket data back and forth between
the
Adam Barth wrote:
On 5/31/2011 8:24 AM, Brian Smith wrote:
We have also discussed blocking https+ws:// content completely in
our
WebSockets implementation, so that all WebSockets on a HTTPS page
must be
wss://. That way, we could avoid making mixed content problems any
worse.
On Tue, Jun 7, 2011 at 5:43 PM, Brian Smith bsm...@mozilla.com wrote:
Adam Barth wrote:
On 5/31/2011 8:24 AM, Brian Smith wrote:
We have also discussed blocking https+ws:// content completely in
our
WebSockets implementation, so that all WebSockets on a HTTPS page
must be
wss://.
On 5/31/2011 8:24 AM, Brian Smith wrote:
We have also discussed blocking https+ws:// content completely in our
WebSockets implementation, so that all WebSockets on a HTTPS page must be
wss://. That way, we could avoid making mixed content problems any worse.
Do you have a bug on file for
On Tue, May 31, 2011 at 10:25 AM, Christopher Blizzard
blizz...@mozilla.com wrote:
On 5/31/2011 8:24 AM, Brian Smith wrote:
We have also discussed blocking https+ws:// content completely in our
WebSockets implementation, so that all WebSockets on a HTTPS page must be
wss://. That way, we