- From: jsalowey via GitHub <sysbot+gh@w3.org>
- Date: Mon, 12 Oct 2020 04:52:34 +0000
- To: public-css-archive@w3.org
Adding this to the list of resources to address for CORS and CSP sound like a good idea. Much better to handle this generically. There will be some added attack surface exposed by the processing of the color profiles, however the file format does not have potentially dangerous functionality such as scripting. It would be a good to review and fuzz implementations that handle this format, but I'm not sure that is something that goes in this spec. -- GitHub Notification of comment by jsalowey Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/5552#issuecomment-706858176 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 12 October 2020 04:52:36 UTC