Open christhompson opened 1 year ago
annevk
commented
1 year ago What's not entirely clear to me about this proposal is whether it regresses on Mixed Content invariants when the navigation is upgraded. The specification PR doesn't seem like it's quite ready for review and I filed https://github.com/dadrian/https-upgrade/issues/3 on the explainer.
See also https://github.com/WICG/proposals/issues/63#issuecomment-1348422101 which never was directly addressed to my knowledge.
christhompson
commented
1 year ago Thanks for filing the Explainer issue. Our goal is to not regress any Mixed Content invariants, so if anything stands out as potentially problematic we'd want to try to address it. I've tried to address the questions regarding mixed content vs. HTTPS Upgrades there and on https://github.com/WICG/proposals/issues/63#issuecomment-1599449396. We've iterated on the spec recently and I think we will be comfortable marking it as ready for review by Fetch owners soon.
WebKittens
@annevk @bailey
Title of the spec
HTTPS Upgrades
URL to the spec
https://fetch.spec.whatwg.org/
URL to the spec's repository
https://github.com/whatwg/fetch
Issue Tracker URL
No response
Explainer URL
https://github.com/dadrian/https-upgrade/blob/main/explainer.md
TAG Design Review URL
No response
Mozilla standards-positions issue URL
https://github.com/mozilla/standards-positions/issues/800
WebKit Bugzilla URL
No response
Radar URL
No response
Description
“HTTPS Upgrades” is a proposal to standardize opportunistic upgrades of idempotent main frame navigation requests to HTTPS with fallback to HTTP on failure. We’ve written an explainer and have opened a proposal issue and PR on the Fetch spec for how we think we could add this to the spec.
The ChromeStatus entry for this feature is https://chromestatus.com/feature/6056181032812544. We currently have a prototype implementation enabled in Chrome’s pre-release channels (Canary/Dev/Beta).