[whatwg] should we add beforeload/afterload events to the web platform?

Boris Zbarsky bzbarsky at MIT.EDU
Fri Feb 3 22:47:48 PST 2012

On 2/3/12 11:15 PM, Ian Hickson wrote:
> No, I agree with you that if the author is using HTTP styles on their
> HTTPS page that an attacker could screw with the page. But my point is
> that fixing that is easy: just move the styles to HTTPS. In the case of
> scripts it's not that easy because the scripts might be on third-party
> servers

Styles are also commonly found on third-party servers...

> in complicated setups


But yeah, I'd love to hear from Adam here.


More information about the whatwg mailing list