| 04:00 | <annevk> | There will be lots of Mozillians there I believe, but not me |
| 07:07 | <annevk> | I wish there was a there for something that's cross-origin and same-site |
| 07:09 | <annevk> | And same-scheme I suppose, gah |
| 08:22 | <lilltiger> | imo CORS/Certificates should have some "friend" function, so it would allow all stuff from origin marked with friend certificates |
| 08:30 | <annevk> | s/a there/a term/ doh |
| 08:49 | <hsivonen> | lilltiger: what would prevent ad tech from pressuring its customers to mark everything as friend? |
| 08:59 | <annevk> | Domenic: so I wonder if the service worker issue we're seeing is because HTML still loads some of these resources without CORS |
| 09:00 | <annevk> | Domenic: all of this will be resolved with the doubled-keyed HTTP cache so I guess we can just leave things as-is |
| 09:08 | <lilltiger> | hsivonen: hmm, true |
| 09:16 | <Domenic> | annevk: oh wow, maybe. I think we should fix it in HTML though. |
| 09:22 | <annevk> | "Started httpserver on port 8080" was this always part of building HTML? |
| 09:26 | <annevk> | Oh fun, building HTML has a Python dependency now |
| 12:48 | <Domenic> | It'll just not syntax highlight things if you're missing python |
| 13:02 | <annevk> | Maybe I was not running the latest html-build |
| 15:58 | <wanderview> | annevk: what is the "service worker issue we're seeing" you mention above? |
| 20:13 | <annevk> | wanderview: basically visual and console errors when viewing WHATWG standards that have SWs |
| 20:13 | <TabAtkins> | hsivonen: From what I've heard from my friends over on the security team, similar efforts in this space will boil down to "we monitor, and actively shut down attempts to create massive 'friend' networks" |
| 20:13 | <TabAtkins> | (aka "first party sets", etc) |
| 20:13 | <annevk> | TabAtkins: heya, ping on tracking markup in bs |
| 20:14 | <TabAtkins> | It'll be pretty dang obvious when that happens, and it's terrible for security, so we'll just not allow it to work. |
| 20:14 | <TabAtkins> | annevk: ponged, it's hovering at the top of my list. |
| 20:15 | <annevk> | πΊπ» |
| 22:04 | <TimothyGu> | Looks like https://www.w3c.org/TR/html now redirects, as well as /html5, but not /html51 or /html52... is there someone we can talk to to get that fixed? |