[whatwg] AppCache online whitelist wildcard bypasses restriction on scheme

Jenn Braithwaite (胡慧鋒) jennb at google.com
Wed Aug 5 16:15:28 PDT 2009


In the AppCache section of the HTML5 spec, the new wildcard value '*' for
the online whitelist section allows one to 'whitelist all' regardless of
scheme. However, the spec requires a URL in the online whitelist section to
have the same scheme as the manifest URL.  Seems like the new wildcard
feature has created a mismatch in whether the scheme should be restricted.

Should the scheme restriction be consistent regardless of wildcard value vs
explicitly listed URL?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20090805/c203b520/attachment-0002.htm>

More information about the whatwg mailing list