W3C home > Mailing lists > Public > public-html-bugzilla@w3.org > November 2010

[Bug 11203] Canvas security model does not allow for same-origin relaxation

From: <bugzilla@jessica.w3.org>
Date: Wed, 03 Nov 2010 18:27:08 +0000
To: public-html-bugzilla@w3.org
Message-Id: <E1PDi3A-0004we-Jo@jessica.w3.org>
http://www.w3.org/Bugs/Public/show_bug.cgi?id=11203

--- Comment #8 from Boris Zbarsky <bzbarsky@mit.edu> 2010-11-03 18:27:08 UTC ---
That would be fine yes.

I don't think we want a way for site A to say that content from some other site
B should be treated as same-origin with site A without site B having opted into
it.  That way lie bad things....

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
Received on Wednesday, 3 November 2010 18:27:10 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 3 November 2010 18:27:10 GMT