12668 2011-05-17 14:49:13 +0000 UA's *should* send HTTPS URLs to (secure) third-party sites registered as content handlers, as UAs *do* send Referer HTTP headers from secure sites to third-party sites, given that the third-party site is also secure. 2011-08-13 01:29:50 +0000 1 1 1 Unclassified HTML WG LC1 HTML5 spec unspecified Other other RESOLVED NEEDSINFO http://www.whatwg.org/specs/web-apps/current-work/#security-and-privacy P3 normal --- 1 contributor ian ian mike public-html-admin public-html-wg-issue-tracking public-html-bugzilla oldest_to_newest 48559 0 contributor 2011-05-17 14:49:13 +0000 Specification: http://www.whatwg.org/specs/web-apps/current-work/ Section: http://www.whatwg.org/specs/web-apps/current-work/#security-and-privacy Comment: UA's *should* send HTTPS URLs to (secure) third-party sites registered as content handlers, as UAs *do* send Referer HTTP headers from secure sites to third-party sites, given that the third-party site is also secure. Posted from: 98.235.63.240 User agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 53339 1 mike 2011-08-04 05:12:54 +0000 mass-move component to LC1 54850 2 ian 2011-08-13 01:29:50 +0000 EDITOR'S RESPONSE: This is an Editor's Response to your comment. If you are satisfied with this response, please change the state of this bug to CLOSED. If you have additional information and would like the editor to reconsider, please reopen this bug. If you would like to escalate the issue to the full HTML Working Group, please add the TrackerRequest keyword to this bug, and suggest title and text for the tracker issue; or you may create a tracker issue yourself, if you are able to do so. For more details, see this document: http://dev.w3.org/html5/decision-policy/decision-policy.html Status: Did Not Understand Request Change Description: no spec change Rationale: I don't understand. Could you elaborate?