- From: Zoltan Kis via GitHub <sysbot+gh@w3.org>
- Date: Mon, 17 Aug 2015 11:05:30 +0000
- To: public-web-nfc@w3.org
It uses ```scope`` in step 6 of the algorithm. On the receiving side, the scope is used by the clients directly. Since any native client could forge a web tag content (and we don't have a good solution against it), filtering based on scope is syntactic sugar - we thought it's simpler to just expose the scope to clients. In turn, we can enforce policy on sending: at least web pages cannot write a scope which is not a subdomain match of their origin. Any suggestions on changing the receiving part behavior? -- GitHub Notif of comment by zolkis See https://github.com/w3c/web-nfc/issues/32#issuecomment-131782229
Received on Monday, 17 August 2015 11:05:32 UTC