- From: Jeff Sonstein <jsonstein@gmail.com>
- Date: Wed, 13 Jul 2016 09:11:06 -0400
- To: Florian Bösch <pyalot@gmail.com>
- Cc: public-webvr@w3.org
Received on Wednesday, 13 July 2016 13:11:37 UTC
I would agree... authors/producers who need more security can & do design it in jeffs -- Jeff Sonstein Assoc. Prof. (ret'd) College of Computing, R.I.T. > On Jul 13, 2016, at 9:00 AM, Florian Bösch <pyalot@gmail.com> wrote: > >> On Wed, Jul 13, 2016 at 2:53 PM, Jeff Sonstein <jsonstein@gmail.com> wrote: >> does not overwhelm the reality of the good-enough >> (maybe just same origin) > origin restrictions are (and should be) subject to CORS (cross origin sharing policy). That is presently the case for XHR, images/videos loaded into WebGL and audio files loaded into Audio contexts. Since the means to implement WebVR is WebGL, and since WebGL already respects origin policies and CORS, there's no further work to be done security wise. It's already done, implemented, verified, deployed and deemed working.
Received on Wednesday, 13 July 2016 13:11:37 UTC