- From: Zoltan Kis via GitHub <sysbot+gh@w3.org>
- Date: Fri, 13 Mar 2015 18:30:46 +0000
- To: public-web-nfc@w3.org
_From @jyasskin on February 18, 2015 23:22_ I agree with all that with one nit. The user may trust https://toplevel.com/ to access their NFC tag, but not https://manufacturer.com/. It'd be nice if the protocol doesn't force everyone to send breadcrumbs back to the manufacturer. (Clearly the manufacturer can force it by only whitelisting themselves, but I don't want them to be able to use our spec as an excuse.) Moving farther afield, we'd want something like [`<iframe allowfullscreen>`](https://html.spec.whatwg.org/multipage/embedded-content.html#attr-iframe-allowfullscreen) to let top-level pages explicitly forward their permission on to their iframes. @adrifelt is working on a more generic way to do this. -- GitHub Notif of comment by zolkis See https://github.com/w3c/web-nfc/issues/2#issuecomment-79224970
Received on Friday, 13 March 2015 18:31:09 UTC