Re: [csswg-drafts] [selectors-4] [backgrounds-3] Prevent CSS keylogging from Jake Archibald via GitHub on 2018-03-10 (public-css-archive@w3.org from March 2018)

From: Jake Archibald via GitHub <sysbot+gh@w3.org>
Date: Sat, 10 Mar 2018 16:46:11 +0000
To: public-css-archive@w3.org
Message-ID: <issue_comment.created-372043920-1520700370-sysbot+gh@w3.org>

> You never should send passwords from servers. Embedded ads scripts (and additions to browsers) can read value

If they have script access to your page, they don't need the server to send the password in order to read it.

-- 
GitHub Notification of comment by jakearchibald
Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/2426#issuecomment-372043920 using your GitHub account

Received on Saturday, 10 March 2018 16:46:13 UTC