[html5] r1538 - /

Tue May 6 18:40:25 PDT 2008

Author: ianh
Date: 2008-05-06 18:40:24 -0700 (Tue, 06 May 2008)
New Revision: 1538

Modified:
   index
   source
Log:
[e] (0) add a note explaining that referrers may be blanked for ssl->http connections

Modified: index
===================================================================

--- index	2008-05-07 01:35:42 UTC (rev 1537)
+++ index	2008-05-07 01:40:24 UTC (rev 1538)
@@ -2703,8 +2703,8 @@
    return either the URI of the page which <a href="#navigate"
    title=navigate>navigated</a> the <a href="#browsing0">browsing context</a>
    to the current document (if any), or the empty string if there is no such
-   originating page, or if the UA has been configured not to report
-   referrers, or if the navigation was initiated for a <a
+   originating page, or if the UA has been configured not to report referrers
+   in this case, or if the navigation was initiated for a <a
    href="#hyperlinks">hyperlink</a> with a <code title=rel-noreferrer><a
    href="#noreferrer">noreferrer</a></code> keyword.
 
@@ -2713,6 +2713,11 @@
    title="">Referer</code> (sic) header that was sent when fetching the
    current page.
 
+  <p class=note>Typically user agents are configured to not report referrers
+   in the case where the referrer uses an encrypted protocol and the current
+   page does not (e.g. when navigating from an <code title="">https:</code>
+   page to an <code title="">http:</code> page).
+
   <p>The <dfn id=cookie0 title=dom-document-cookie><code>cookie</code></dfn>
    attribute must, on getting, return the same string as the value of the
    <code title="">Cookie</code> HTTP header it would include if fetching the

Modified: source
===================================================================
--- source	2008-05-07 01:35:42 UTC (rev 1537)
+++ source	2008-05-07 01:40:24 UTC (rev 1538)
@@ -988,8 +988,8 @@
   title="navigate">navigated</span> the <span>browsing context</span>
   to the current document (if any), or the empty string if there is no
   such originating page, or if the UA has been configured not to
-  report referrers, or if the navigation was initiated for a
-  <span>hyperlink</span> with a <code
+  report referrers in this case, or if the navigation was initiated
+  for a <span>hyperlink</span> with a <code
   title="rel-noreferrer">noreferrer</code> keyword.</p>
 
   <p class="note">In the case of HTTP, the <code
@@ -997,7 +997,13 @@
   match the <code title="">Referer</code> (sic) header that was sent
   when fetching the current page.</p>
 
+  <p class="note">Typically user agents are configured to not report
+  referrers in the case where the referrer uses an encrypted protocol
+  and the current page does not (e.g. when navigating from an <code
+  title="">https:</code> page to an <code title="">http:</code>
+  page).</p>
 
+
   <p>The <dfn title="dom-document-cookie"><code>cookie</code></dfn>
   attribute must, on getting, return the same string as the value of
   the <code title="">Cookie</code> HTTP header it would include if


