W3C home > Mailing lists > Public > public-script-coord@w3.org > January to March 2016

[Bug 22346] Security: Check origins when invoking a method, getter, or setter on an object using the property descriptor of another

From: <bugzilla@jessica.w3.org>
Date: Mon, 18 Jan 2016 12:10:05 +0000
To: public-script-coord@w3.org
Message-ID: <bug-22346-3890-huldRQoBZH@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=22346

--- Comment #13 from Anne <annevk@annevk.nl> ---
The section Implement IDL's "perform a security check" of
https://github.com/annevk/html-cross-origin-objects#implement attempts to solve
this.

The only remaining issue is Window vs WindowProxy. I'm not entirely sure how to
resolve that. bz, heycam, ideas?

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Monday, 18 January 2016 12:10:12 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:24 UTC