[whatwg] should we add beforeload/afterload events to the web platform?
Boris Zbarsky
bzbarsky at MIT.EDU
Fri Feb 3 22:47:48 PST 2012
On 2/3/12 11:15 PM, Ian Hickson wrote:
> No, I agree with you that if the author is using HTTP styles on their
> HTTPS page that an attacker could screw with the page. But my point is
> that fixing that is easy: just move the styles to HTTPS. In the case of
> scripts it's not that easy because the scripts might be on third-party
> servers
Styles are also commonly found on third-party servers...
> in complicated setups
Likewise.
But yeah, I'd love to hear from Adam here.
-Boris
More information about the whatwg
mailing list