Skip to content

COOP and HTTPS state "deprecated" #5669

New issue
New issue
Closed
Closed
COOP and HTTPS state "deprecated"#5669
Assignees
domenic
Labels
security/privacyThere are security or privacy implicationstopic: cross-origin-opener-policyIssues and ideas around the new "inverse of rel=noopener" header
@domenic

Description

@domenic
domenic
opened on Jun 24, 2020

c9fddd7 introduced COOP with the secure context check using "Is url potentially trustworthy?". This gives the wrong answer for cases where the environment's HTTPS state is "deprecated".

#5659 can provide the foundation to fix this, allowing us to check the environment, instead of the URL.

Metadata

Metadata

Assignees

Labels

security/privacyThere are security or privacy implicationstopic: cross-origin-opener-policyIssues and ideas around the new "inverse of rel=noopener" header

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions