- From: Ian Hickson <ian@hixie.ch>
- Date: Wed, 16 Apr 2008 22:35:41 +0000 (UTC)
- To: Jonas Sicking <jonas@sicking.cc>
- Cc: Boris Zbarsky <bzbarsky@MIT.EDU>, Lachlan Hunt <lachlan.hunt@lachy.id.au>, "Web APIs WG (public)" <public-webapi@w3.org>
On Wed, 16 Apr 2008, Jonas Sicking wrote: > Boris Zbarsky wrote: > > > > I think that you should just require that if the UA implements :link > > and :visited at all any link must match one or the other. Which one > > is up to the UA. That allows UAs to impose security policies as > > needed while still allowing authors to match all links with ":link, > > :visited". > > This sounds like an excellent idea to me. I agree that the above proposal is the most sensible one so far. It allows any solution to the privacy issue without compromising on the core invariant of the two pseudo-classes and without sacrificing any potential use cases. It even handles the case of a UA wanting to make site-local links follow the pseudos but site-global links not leak information. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Wednesday, 16 April 2008 22:36:22 UTC