https://www.w3.org/Bugs/Public/show_bug.cgi?id=25987

            Bug ID: 25987
           Summary: Blob URL parsing / fetching model
           Product: WebAppsWG
           Version: unspecified
          Hardware: PC
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: File API
          Assignee: a...@mozilla.com
          Reporter: ann...@annevk.nl
        QA Contact: public-webapps-bugzi...@w3.org
                CC: gl...@zewt.org, jo...@sicking.cc,
                    public-webapps@w3.org
        Depends on: 25914
            Blocks: 24338

Given http://lists.w3.org/Archives/Public/public-webapps/2014AprJun/0683.html
we might need to revisit our strategy.

It seems we've already given the URL parser access to the global environment so
it can reach the blob URL store.

However, the scope of the blob URL store also encompasses global environments
that can be reached solely through document.domain and so not all of them are
same-origin. So I guess in addition a same-origin check is in order. I guess we
should do the same-origin check in the URL parser so it's deterministic.

And then fetching a URL which has an associated object will just never fail.

Does that make sense?

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Reply via email to