Re: [css-houdini-drafts] [css-paint-api] CSS Paint API leaks browsing history from Alan Jeffrey via GitHub on 2018-08-13 (public-houdini-archive@w3.org from August 2018)

From: Alan Jeffrey via GitHub <sysbot+gh@w3.org>
Date: Mon, 13 Aug 2018 18:56:29 +0000
To: public-houdini-archive@w3.org
Message-ID: <issue_comment.created-412626256-1534186588-sysbot+gh@w3.org>

Hi @deian, it's a small world. (I'm the implementor of the paint API in Servo.) FWIW I agree with the approach in the paper, of keeping a separate visited store per security domain. If we did it per-eTLD+1 then this would line up nicely with content processes.

-- 
GitHub Notification of comment by asajeffrey
Please view or discuss this issue at https://github.com/w3c/css-houdini-drafts/issues/791#issuecomment-412626256 using your GitHub account

Received on Monday, 13 August 2018 18:56:30 UTC