W3C home > Mailing lists > Public > www-talk@w3.org > November to December 2008

Re: Fallback flow for /site-meta for top level domains

From: andre John Mas <ajmas@sympatico.ca>
Date: Wed, 03 Dec 2008 14:08:54 -0500
Message-ID: <BLU128-F14B28DDEF917EC30B7558BC5030@phx.gbl>
To: benl@google.com, mnot@mnot.net
Cc: eran@hueniverse.com, www-talk@w3.org, jar@creativecommons.org

>On Wed, Dec 3, 2008 at 12:58 PM, Mark Nottingham <mnot@mnot.net> wrote:
> > On 03/12/2008, at 11:32 PM, Ben Laurie wrote:
> >> There are standards for XSS???
> >
> > There's a de facto standard in the browsers (same origin), and these 
>folks
> > are working towards something more formal, maybe;
> >  http://www.w3.org/2006/WSC/
>
>Same origin policy isn't really all that much to do with cross-site
>scripting, surely?
>

With regards to same origin policy, is there any consideration for file:/// 
based stuff, since there is currently an open issue in the Mozilla bug 
database:

https://bugzilla.mozilla.org/show_bug.cgi?id=397894

If there is a w3c recommendation on how to deal with this it would be 
useful.

Andre
Received on Wednesday, 3 December 2008 19:09:42 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 27 October 2010 18:14:29 GMT