- From: <bugzilla@jessica.w3.org>
- Date: Wed, 10 Aug 2011 01:31:41 +0000
- To: public-html-bugzilla@w3.org
http://www.w3.org/Bugs/Public/show_bug.cgi?id=13072
Ian 'Hixie' Hickson <ian@hixie.ch> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |ian@hixie.ch
Resolution| |WONTFIX
--- Comment #3 from Ian 'Hixie' Hickson <ian@hixie.ch> 2011-08-10 01:31:40 UTC ---
EDITOR'S RESPONSE: This is an Editor's Response to your comment. If you are
satisfied with this response, please change the state of this bug to CLOSED. If
you have additional information and would like the editor to reconsider, please
reopen this bug. If you would like to escalate the issue to the full HTML
Working Group, please add the TrackerRequest keyword to this bug, and suggest
title and text for the tracker issue; or you may create a tracker issue
yourself, if you are able to do so. For more details, see this document:
http://dev.w3.org/html5/decision-policy/decision-policy.html
Status: Rejected
Change Description: no spec change
Rationale: Different ports on a shared host can be under the control of
different users. In fact this basically gives anyone who can get a user account
on a machine essentially XSS access to everything hosted on port 80, which
seems quite dangerous.
In any case, the IE document seems to only apply to XHR, and seems rather
limited even in that context (indeed the document seems to contradict itself on
the matter).
--
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
Received on Wednesday, 10 August 2011 01:31:42 UTC