[css-houdini-drafts] Pull Request: [worklets] Fill in privacy and security sections of worklets. from Domenic Denicola via GitHub on 2020-10-16 (public-houdini-archive@w3.org from October 2020)

From: Domenic Denicola via GitHub <sysbot+gh@w3.org>
Date: Fri, 16 Oct 2020 18:10:53 +0000
To: public-houdini-archive@w3.org
Message-ID: <pull_request.labeled-114872491-None-sysbot+gh@w3.org>

domenic has just labeled a pull request from bfgeek for https://github.com/w3c/css-houdini-drafts as "worklets-1":

== [worklets] Fill in privacy and security sections of worklets. ==
Fixes #92. (better late than never? ;)

Broadly speaking worklets should be allowed in non-secure contexts as
downstream specs may want to use them there.

CSP wise this should work the same as workers, using the "child-src"
directive. I've filed issue #378 to allow each downstream spec to use a
unique destination, e.g. "paintworklet", "audioworklet", etc.

The CSP spec should probably be extended to have a "worklet-src"
directive (as there is now a "worker-src" directive now?).

See https://github.com/w3c/css-houdini-drafts/pull/379


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Friday, 16 October 2020 18:10:55 UTC