- From: Ian Clelland <notifications@github.com>
- Date: Thu, 24 Aug 2017 15:09:50 +0000 (UTC)
- To: w3c/IndexedDB <IndexedDB@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 24 August 2017 15:10:13 UTC
Agreed, making IndexedDB a policy-controlled feature would restrict it in cross-origin content by default, and allow the embedder to selectively allow it per-frame or per-origin as needed. For workers, the situation should be the same -- but since they're always same-origin, what you should be able to do is *disable* the API in the worker as needed. I haven't completely specced the way that policies should apply to workers, but dedicated workers should be analogous to framed content. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/IndexedDB/issues/141#issuecomment-324664164
Received on Thursday, 24 August 2017 15:10:13 UTC