- From: Ian Davis <ian.davis@talis.com>
- Date: Tue, 18 Apr 2006 18:39:06 +0100
- To: Ian Hickson <ian@hixie.ch>
- CC: Bjoern Hoehrmann <derhoermi@gmx.net>, public-webapi@w3.org
On 18/04/2006 18:14, Ian Hickson wrote: > I'm not sure that's simpler, but more importantly, I would suggest that is > out of scope for this specification. You may be interested in work that > Gervase Markham has been doing on this topic: > > http://www.gerv.net/security/content-restrictions/ > > ...as well as discussions of a <sandbox> element in the WHATWG list, e.g.: > > http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2005-December/005294.html > Those are interesting ideas but my proposal is specifically to limit the scope of which 3rd party hosts can be accessed by the XHR object. Why is that out of scope? Ian
Received on Tuesday, 18 April 2006 17:39:19 UTC