On Fri, Jul 28, 2017 at 10:15 PM, Jonathan Kingston wrote:
> Hey Tim,
>
> The only questions I have about this our are difference in implementation
> over Chrome the more we increase the use of [SecureContext] the greater risk
> we put on compat bugs.
Good news, the implementation difference was
Hey Tim,
The only questions I have about this our are difference in implementation
over Chrome the more we increase the use of [SecureContext] the greater
risk we put on compat bugs.
Our implementation differs in that we actually abide to the specification
on window.opener insecure contexts makin
Summary: The WebCrypto spec [1] states that window.crypto.subtle
should only be usable from a secure origin (i.e. on a domain being
served over HTTPS). Currently Gecko's implementation works on insecure
origins (i.e. sites served over unencrypted HTTP). To bring our
implementation in line with the
3 matches
Mail list logo
