Re: [compute-pressure] Does the privacy test need a same origin-domain or a same origin check? (#187) from Arnaud (Arno) Mandy via GitHub on 2023-09-28 (public-device-apis-log@w3.org from September 2023)

From: Arnaud (Arno) Mandy via GitHub <sysbot+gh@w3.org>
Date: Thu, 28 Sep 2023 13:35:18 +0000
To: public-device-apis-log@w3.org
Message-ID: <issue_comment.created-1739200755-1695908116-sysbot+gh@w3.org>

It seems to be that we all agree that "same origin" is more suitable than "same origin-domain".
Furthermore more hints are showing that implementations are getting away from "same origin-domain" usage:

https://html.spec.whatwg.org/multipage/browsers.html#relaxing-the-same-origin-restriction
https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/renderer/platform/weborigin/security_origin.h;l=313;drc=933be5e5db24585647edcd7f507ba2d48c5757c8

As @rakuco pointed out also earlier, "same origin-domain" is used by fewer specs.

If no one really goes against it, I would propose the change from "same origin-domain" to  "same origin"


-- 
GitHub Notification of comment by arskama
Please view or discuss this issue at https://github.com/w3c/compute-pressure/issues/187#issuecomment-1739200755 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 28 September 2023 13:35:20 UTC