- From: Mike West <notifications@github.com>
- Date: Wed, 29 Apr 2020 05:12:53 -0700
- To: heycam/webidl <webidl@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 29 April 2020 12:13:05 UTC
> Is whatwg/html#5435 still something that is being pursued by Google? I think so? Either @arturjanc or @ulan pinged me about it earlier this week, and it seems like a reasonable thing to do that this would layer on top of. > Note that if you have `[CrossOriginIsolated]` there should be no need to list `[SecureContext]`. It's effectively a subset. If we keep `[SecureContext]`, I think I'd suggest that folks list both for clarity. (As part of Securer Contexts, I'd secretly like to deprecate `[SecureContext]` by making it the default, and annotating all unrestricted APIs with `[UnsafelyExposedToNetworkAttackers]` or something similar... but that's a bit off topic for this particular issue). -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/heycam/webidl/issues/875#issuecomment-621162997
Received on Wednesday, 29 April 2020 12:13:05 UTC