On 7/1/15 12:28 PM, Martin Thomson wrote:
Colloquially: "would you show a lock?"
I just don't see how this can possible match up with what we actually want here. We don't show a lock for file:// or chrome://, yet the former is explicitly considered a secure context per spec and the latter should be considered a secure context per sanity.
Unfortunately, conveying the nuance involved in creating a stronger definition is non-trivial.
Yes, I understand that. Hence my asking whether we have a workable definition so far, because without knowing whether, say, resource:// should be considered a secure context or not it's hard to say what our policy for API exposure in secure contexts should be.
-Boris _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
