- From: <bugzilla@jessica.w3.org>
- Date: Mon, 15 Sep 2014 17:53:51 +0000
- To: public-html-bugzilla@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25923 --- Comment #25 from Anne <annevk@annevk.nl> --- (In reply to David Dorwin from comment #24) > Neither task could be executed until the user has responded - this would add > an unknown delay. (You could argue that this is once per user, but we also > want to handle any other permission dialogs in the same way.) That depends on the user agent implementation. > Reusing "maybe" and create() also avoids leaking state, including whether > the CDM was previous installed (by another origin). Is state not leaked either way due to timing attacks? Not having "maybe" seems to leak less state if the site treats the browser as an opaque entity. Or is the proposal to always return "maybe" in all implementations before create() is invoked? -- You are receiving this mail because: You are the QA Contact for the bug.
Received on Monday, 15 September 2014 17:53:53 UTC