[Bug 11203] Canvas security model does not allow for same-origin relaxation


--- Comment #8 from Boris Zbarsky <bzbarsky@mit.edu> 2010-11-03 18:27:08 UTC ---
That would be fine yes.

I don't think we want a way for site A to say that content from some other site
B should be treated as same-origin with site A without site B having opted into
it.  That way lie bad things....

Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Wednesday, 3 November 2010 18:27:10 UTC