Re: [whatwg] origin+path namespacing and security

2009-09-03 Thread Mike Wilson
Ian Hickson wrote: On Fri, 28 Aug 2009, Mike Wilson wrote: My chain of thoughts is something like below (this is just a general picture so don't take it too literally): - invent a more restrictive mechanism for script access between documents from the same origin (host) so it

Re: [whatwg] origin+path namespacing and security

2009-09-03 Thread Adam Barth
On Thu, Sep 3, 2009 at 2:44 AM, Mike Wilson mike...@hotmail.com wrote: Ok, that sort of defeats the point as it will not be possible to depend on this security function for HTML5 features released before its appearance in the standard - my idea was that f ex WebStorage would refer to (and

Re: [whatwg] origin+path namespacing and security

2009-09-03 Thread Mike Wilson
Adam Barth wrote: On Thu, Sep 3, 2009 at 2:44 AM, Mike Wilson wrote: Ok, that sort of defeats the point as it will not be possible to depend on this security function for HTML5 features released before its appearance in the standard - my idea was that f ex WebStorage would refer to (and

Re: [whatwg] origin+path namespacing and security

2009-09-02 Thread Ian Hickson
On Fri, 28 Aug 2009, Mike Wilson wrote: My chain of thoughts is something like below (this is just a general picture so don't take it too literally): - invent a more restrictive mechanism for script access between documents from the same origin (host) so it can be limited based on a

Re: [whatwg] origin+path namespacing and security

2009-08-28 Thread Adam Barth
On Fri, Aug 28, 2009 at 12:25 AM, Mike Wilson mike...@hotmail.com wrote: I see what you mean. The ideal thing would be if we could implement path-based security with the same construct that adds path-based namespacing. I realize the problem of backwards-compat, but have there been any efforts

Re: [whatwg] origin+path namespacing and security

2009-08-28 Thread Anne van Kesteren
On Fri, 28 Aug 2009 09:29:55 +0200, Adam Barth wha...@adambarth.com wrote: On Fri, Aug 28, 2009 at 12:25 AM, Mike Wilson mike...@hotmail.com wrote: I see what you mean. The ideal thing would be if we could implement path-based security with the same construct that adds path-based namespacing.

Re: [whatwg] origin+path namespacing and security

2009-08-28 Thread Mike Wilson
Adam Barth wrote: Mike Wilson mike...@hotmail.com wrote: I see what you mean. The ideal thing would be if we could implement path-based security with the same construct that adds path-based namespacing. I realize the problem of backwards-compat, but have there been any efforts or

Re: [whatwg] origin+path namespacing and security

2009-08-28 Thread Anne van Kesteren
On Fri, 28 Aug 2009 10:41:02 +0200, Mike Wilson mike...@hotmail.com wrote: But maybe there have been previous efforts done on this topic? Besides that I think that this is not possible and will not be done, why should we do it? If you want to be secure use a separate domain. If you offer

Re: [whatwg] origin+path namespacing and security

2009-08-28 Thread Adam Barth
On Fri, Aug 28, 2009 at 1:41 AM, Mike Wilson mike...@hotmail.com wrote: - this mechanism needs a way to specify the blessed path, maybe something along the lines of document.domain or a response header 1) Document.domain is an abomination. We certainly don't want more features like that. 2)

Re: [whatwg] origin+path namespacing and security

2009-08-28 Thread Mike Wilson
Adam Barth wrote: Mike Wilson mike...@hotmail.com wrote: - this mechanism needs a way to specify the blessed path, maybe something along the lines of document.domain or a response header 1) Document.domain is an abomination. We certainly don't want more features like that. 2)