[Bug 11203] Canvas security model does not allow for same-origin relaxation from bugzilla@jessica.w3.org on 2010-11-03 (public-html-bugzilla@w3.org from November 2010)

From: <bugzilla@jessica.w3.org>
Date: Wed, 03 Nov 2010 18:27:08 +0000
To: public-html-bugzilla@w3.org
Message-Id: <E1PDi3A-0004we-Jo@jessica.w3.org>

http://www.w3.org/Bugs/Public/show_bug.cgi?id=11203

--- Comment #8 from Boris Zbarsky <bzbarsky@mit.edu> 2010-11-03 18:27:08 UTC ---
That would be fine yes.

I don't think we want a way for site A to say that content from some other site
B should be treated as same-origin with site A without site B having opted into
it.  That way lie bad things....

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Wednesday, 3 November 2010 18:27:10 UTC