[Bug 21203] EME leaks information cross-origin

https://www.w3.org/Bugs/Public/show_bug.cgi?id=21203

--- Comment #18 from David Dorwin <ddorwin@google.com> ---
(In reply to comment #15)
> Changeset -> https://dvcs.w3.org/hg/html-media/rev/69dbfb8baca8

Thanks. A few minor comments.

* (As long as we enforce the standard paths and don't allow side channels or
other sources of data,) keymessage should be implicitly same origin. (Any type
of stored or shared keys could cause problems, but that should probably be
addressed explicitly.)
* Not changing keymessage also keeps all the origin/media data issues in
HTMLMediaElement and out of MediaKeySession.
* The subject for the text beginning with "or use the crossorigin attribute..."
is "media data". Should the subject be the UA, application, author, or
something else?
* The crossorigin anchor should be "attr-media-crossorigin" instead of
"attr-img-crossorigin".
* Do we need to address MSE (and XHRs) or is that implicitly (and sufficiently)
addressed by crossorigin?
* Did step 5 of section 4.2 need to be changed? We don't fire an event, so
origin seems irrelevant.


Received on Tuesday, 27 August 2013 04:29:41 UTC