- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Sun, 17 Aug 2008 21:51:08 -0400
- To: Ory Segal <orysegal@gmail.com>
- CC: public-html@w3.org
Ory Segal wrote: > ( Note - assuming that the child and the parent documents originate from > the same domain ... > Functionally speaking, the problem is not so severe, but there are > security implications to this ambiguity - a malicious parent document > (not from the same domain) I'm not sure how to reconcile those two things. If the parent is not from the same domain, the child can't access things in it, and there is no problem, no? -Boris
Received on Monday, 18 August 2008 01:51:53 UTC