Re: [w3c/FileAPI] Proposal: Add a crossOrigin option to Blob (Issue #192) from David Dworken on 2023-02-22 (public-webapps-github@w3.org from February 2023)

From: David Dworken <notifications@github.com>
Date: Wed, 22 Feb 2023 14:54:06 -0800
To: w3c/FileAPI <FileAPI@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/FileAPI/issues/192/1440954431@github.com>

Hi all! I work with @shhnjk at Google, and have been thinking about an alternate API shape that is more broadly applicable while still solving many of the same goals. At a high level, my proposal is to:

1. Support a new `allow-unique-origin` sandbox flag that can be used with both CSP sandbox and `iframe#sandbox`
2. Add support for attaching response headers to created Blobs 

You can see the full details in [Sandbox allow-unique-origin and customizing Blob response headers](https://gist.github.com/ddworken/309363b5d140bcc5ff6b39fa4a8d7a12). I'm curious to hear folks thoughts on this alternative shape which enables creation of unique origins for iframes and HTML responses. 

cc: @mikewest @arturjanc 

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3c/FileAPI/issues/192#issuecomment-1440954431
You are receiving this because you are subscribed to this thread.

Message ID: <w3c/FileAPI/issues/192/1440954431@github.com>

Received on Wednesday, 22 February 2023 22:54:18 UTC