Opened 8 years ago
Closed 8 years ago
#40799 closed defect (bug) (wontfix)
HTTPS everywhere
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Priority: | normal | |
| Severity: | normal | Version: | |
| Component: | General | Keywords: | |
| Focuses: | Cc: |
Description
These get flagged by scanning engines, and HTTPS is the future
Attachments (1)
Change History (3)
#1
@
8 years ago
- Version trunk deleted
This a namespace name in the form of an URI, and not something you change to your own preference.
https://www.w3.org/ has this:
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
Suggest close as wontfix.
#2
@
8 years ago
- Milestone Awaiting Review deleted
- Resolution set to wontfix
- Status changed from new to closed
Both link relations and XML namespaces are URIs (indicators) rather than URLs (locations), and they're just a name. They can be any type of URI, something like data:text/plain;... or urn:isbn:... would be perfectly fine here, despite browsers not being able to access them.
However, they do need to match exactly against the standard's name, so we can't change them. (As an example, RDF's namespace is http://www.w3.org/1999/02/22-rdf-syntax-ns# with the trailing, useless hash, which can't be removed.)
Changing this would break compatibility with browsers and other clients that expect this exact name, so closing as a wontfix. The scanning engines you mention need to be changed to understand that XML namespaces and link relations are just names, not links.
https-everywhere.patch