It is often necessary to evaluate whether a URL is secure in order to only enable certain features when minimum standards of authentication and confidentiality are met. For that purpose, web standards rely on the definition of "potentially trustworthy URL", which includes URLs with the "data" scheme in the latest version of the Secure Contexts specification. Blink already treats data: URLs as potentially trustworthy in some cases. The goal is to generalize this to all cases.
Motivation
- Ensure consistent behavior of "data:" URLs for security purpose within Blink. - Improve web compat by following the standard.
Documentation
Specification
Specification being incubated in a Community Group
Status in Chromium
No active development
(tracking bug)
Consensus & Standardization
- Positive
- No signal
- No signals
Owner
Last updated on 2020-11-30