Supporting X-Content-Type-Options: nosniff for <img> breaks the web: https://bugzilla.mozilla.org/show_bug.cgi?id=1302539 …. Time for nosniff-for-real?
-
-
good point, I suggested we try and get some. I suspect Chrome could get away with shipping this.
@mikewest, interested? -
: In breaking the web? Yes, of course! In shipping no sniff for <img>? Seems low-impact if there are interim concerns.
@slightlylate - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.