On Tue, May 31, 2011 at 10:25 AM, Christopher Blizzard <[email protected]> wrote: > On 5/31/2011 8:24 AM, Brian Smith wrote: >> >> We have also discussed blocking https+ws:// content completely in our >> WebSockets implementation, so that all WebSockets on a HTTPS page must be >> wss://. That way, we could avoid making mixed content problems any worse. > > Do you have a bug on file for that yet?
If you'd be willing to file a bug at bugs.webkit.org too (and CC me), I can help make sure WebKit and Firefox end up with the same behavior here. Thanks, Adam _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
