W3C home > Mailing lists > Public > public-css-archive@w3.org > June 2020

Re: [csswg-drafts] [css-images] image-orientation:none violates same-origin policy (#5165)

From: Noam Rosenthal via GitHub <sysbot+gh@w3.org>
Date: Sun, 21 Jun 2020 14:05:53 +0000
To: public-css-archive@w3.org
Message-ID: <issue_comment.created-647132830-1592748352-sysbot+gh@w3.org>
I don't see a lot of movement on this ticket... does any implementer have an opinion about this?
It's currently blocking https://github.com/whatwg/html/pull/5574, and these same-origin policy violations are already in the wild... would be good to figure out if we see EXIF orientation/(resolution) data as a cross-origin information leak, and if it is, how to mitigate it.

-- 
GitHub Notification of comment by noamr
Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/5165#issuecomment-647132830 using your GitHub account
Received on Sunday, 21 June 2020 14:05:55 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 19 October 2021 01:31:28 UTC