[Bug 11720] At the moment, chrome and opera thinks that iframe with source equal to data url has *not* the same origin as parent window's document. I think that this behavior is much more useful, because it can be used as a simpliest way of sandboxing of content.

• From: <bugzilla@jessica.w3.org>
• Date: Mon, 10 Jan 2011 17:32:52 +0000
• To: public-html-bugzilla@w3.org
• Message-Id: <E1PcLbw-0001lg-0s@jessica.w3.org>

http://www.w3.org/Bugs/Public/show_bug.cgi?id=11720

--- Comment #3 from Fedor Indutny <fedor@indutny.com> 2011-01-10 17:32:51 UTC ---
Anne:
What is "consistent" for you in such case?
Treat them as same origin or not?

As far as I know, Opera treats those urls as not-same-origin and prevents
access from inside and to outside.

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Monday, 10 January 2011 17:32:53 UTC