[Bug 29533] Add 'Security Considerations' and 'Privacy Considerations' sections


Anne <annevk@annevk.nl> changed:

           What    |Removed                     |Added
                 CC|                            |annevk@annevk.nl

--- Comment #1 from Anne <annevk@annevk.nl> ---
One thing you want to mention here is that APIs that allow observing things of
stylesheets, e.g., subresource loading (service workers, resource timing), need
to be aware that if a stylesheet itself was not loaded using "cors" and is
cross-origin, leaking data of those subresources is a same-origin policy

That's really a generic issue for CSS, but it seems CSSOM is the grab bag for
actually defining the model as to how CSS works.

You are receiving this mail because:
You are the QA Contact for the bug.

Received on Tuesday, 15 March 2016 16:18:59 UTC