- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Tue, 22 Feb 2011 11:08:29 -0500
- To: gaz Heyes <gazheyes@gmail.com>
- CC: Adam Barth <w3c@adambarth.com>, "sird@rckc.at" <sird@rckc.at>, public-web-security@w3.org
On 2/22/11 4:41 AM, gaz Heyes wrote: > Maybe it's me but I looked and couldn't find how "globally unique > identifier" is generated. It's unspecified, but that's ok because it's not ever exposed anywhere where you could examine it. So as long as it's actually globally unique, there is no problem. Gecko basically uses UUIDs here, sort of (caveat below). > The unique origin does not use the about scheme. > > What does it use? In the case of Gecko, it uses a separate implementation of the origin interface, which always tests not equal to anything else (and has some other restrictions on it in terms of what it can do). In particular, this means that an origin compare for the unique origins is a _pointer_ compare. So the origin is actually the object identity of the origin object for unique origins. > I'm interested in ways to get the unique origin and the regenerate it There shouldn't be any. If you can do that, that's a bug. -Boris
Received on Tuesday, 22 February 2011 16:09:05 UTC