W3C home > Mailing lists > Public > public-secondscreen@w3.org > February 2017

[presentation-api] Pull Request: Restrict API to secure contexts

From: Mark Foltz via GitHub <sysbot+gh@w3.org>
Date: Fri, 24 Feb 2017 18:54:52 +0000
To: public-secondscreen@w3.org
Message-ID: <pull_request.opened-107887389-1487962491-sysbot+gh@w3.org>
mfoltzgoogle has just submitted a new pull request for 
https://github.com/w3c/presentation-api:

== Restrict API to secure contexts ==
Address Issue #380: Authenticity of screen selection permission is 
problematic in insecure contexts

This restricts the use of Presentation API to secure contexts through 
the use of `[SecureContext]`.  Also:

- Mixed content check is simplified
- Examples are updated to use `https:`
- Use correct term for _a priori authenticated URL_
- Remove xref to _potentially trustworthy origin_ as it's unused
- Remove discussion of insecure origin display


See https://github.com/w3c/presentation-api/pull/413
Received on Friday, 24 February 2017 18:54:59 UTC

This archive was generated by hypermail 2.3.1 : Friday, 24 February 2017 18:54:59 UTC