On 4/20/11 3:54 PM, Tab Atkins Jr. wrote:
Please correct me if I'm missing something, but I don't see any new privacy-leak vectors here. Without Shared Workers, 3rdparty.com can just hold open a communication channel to its server
Unless you have a firewall or proxy that prevents that particular site (via blacklist or whitelist) from doing that. Or unless you have a browser extension that prevents such things.
So shared workers are in fact adding a new vector: browser extensions will need to be changed to handle them, and they can't be dealt with at all via wirewalls or proxies.
-Boris