Re: WebRTC connections do not trigger content policies. Should they?

On Tue, Jun 21, 2016 at 12:30 PM, Daniel Veditz wrote: > On Sat, Jun 18, 2016 at 6:37 AM, Eric Rescorla wrote: > > > instead of having it sourced from the > > ​ ​ > > advertiser's > > ​ ​ > > origin, they instead stand > > up ".publisher.example.com" > > ​ ​ > > and > > ​ ​ > > point > > ​ ​ > >

Re: WebRTC connections do not trigger content policies. Should they?

On Sat, Jun 18, 2016 at 6:37 AM, Eric Rescorla wrote: > instead of having it sourced from the > ​ ​ > advertiser's > ​ ​ > origin, they instead stand > up ".publisher.example.com" > ​ ​ > and > ​ ​ > point > ​ ​ > it at the advertiser's > IP addresses (via an A record to the advertiser's > ​ ​ >

Re: ARIA membership and role="password"

An update to this: I just re-joined the ARIA-WG on Mozilla's behalf. Marco 2016-06-02 17:47 GMT+02:00 David Bolter : > Hi Johnathan, > > Our lack of direct W3C ARIA involvement recently is mainly due to > time/resource constraints and we have influence via proxy. > > I think ARIA is best scoped

Re: Basic Auth Prevalence (was Re: Intent to ship: Treat cookies set over non-secure HTTP as session cookies)

I concur. 1 in every 12 loads require an HTTP auth prompt? Seems very high. Visual inspection of the probe implementations [1] [2] show no obvious faults, so I'm not sure what's going on here. [1] https://dxr.mozilla.org/mozilla-central/source/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp#78

[Firefox Desktop] Issues found: June 13th to 17th

Hi everyone, Here's the list of new issues found and filed by the Desktop Release QA Team last week, *June 13 - June 17* (week 24). Additional details on the team's priorities last week, as well as the plans for the current week are available at: https://public.etherpad-mozilla.org/p/Des