Re: [csswg-drafts] [css-sizing] Auto-resize iframes based on content (#1771) from Zach Lym via GitHub on 2019-03-26 (public-css-archive@w3.org from March 2019)

From: Zach Lym via GitHub <sysbot+gh@w3.org>
Date: Tue, 26 Mar 2019 02:20:16 +0000
To: public-css-archive@w3.org
Message-ID: <issue_comment.created-476448104-1553566815-sysbot+gh@w3.org>

I don't buy the security argument, who cares if someone knows that you are logged in somewhere?  That might allow someone to infer that you are a sysadmin or use a website, but you could perform timing attacks to see if some resource had been loaded previously.  Any half-competent sysadmin worried about that kind of leak should be blocking iframe embedding entirely.

-- 
GitHub Notification of comment by indolering
Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/1771#issuecomment-476448104 using your GitHub account

Received on Tuesday, 26 March 2019 02:20:17 UTC