- From: Zoltan Kis via GitHub <sysbot+gh@w3.org>
- Date: Thu, 20 Aug 2015 07:29:51 +0000
- To: public-web-nfc@w3.org
> Otherwise, I'd go with not allowing cross-origin at all. That would mean web pages can only read content (coming from peers or tags) which was written by them. I think that is too much limitation. We kind of deprive users from using (most of) NFC because we don't want to disturb them :). Yet this still leaves a lot of use cases possible. IMO the spec itself should be concerned with stating the need for obtaining permissions rather than specifying prompting policies which may be platform dependent. On the other hand, the spec actually states that the browser security mechanisms are used, i.e. NFC content is handled the same way as any other content (vs cross-origin access). -- GitHub Notif of comment by zolkis See https://github.com/w3c/web-nfc/issues/3#issuecomment-132917574
Received on Thursday, 20 August 2015 07:29:54 UTC