- From: Johann Hofmann <notifications@github.com>
- Date: Thu, 09 Mar 2023 06:59:19 -0800
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 9 March 2023 14:59:31 UTC
Thanks Anne, > That's not good for security. I'm not sure if you are up to date with the changes we made on the proposal to both require CORS on subresource requests as well as require rSA calls for iframes to opt into this. I don't think there's a significant risk to B's security here. -- Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/808#issuecomment-1462204679 You are receiving this because you are subscribed to this thread. Message ID: <w3ctag/design-reviews/issues/808/1462204679@github.com>
Received on Thursday, 9 March 2023 14:59:31 UTC