- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Wed, 20 Apr 2011 22:09:14 -0400
- To: public-webapps@w3.org
On 4/20/11 3:54 PM, Tab Atkins Jr. wrote: > Please correct me if I'm missing something, but I don't see any new > privacy-leak vectors here. Without Shared Workers, 3rdparty.com can > just hold open a communication channel to its server Unless you have a firewall or proxy that prevents that particular site (via blacklist or whitelist) from doing that. Or unless you have a browser extension that prevents such things. So shared workers are in fact adding a new vector: browser extensions will need to be changed to handle them, and they can't be dealt with at all via wirewalls or proxies. -Boris
Received on Thursday, 21 April 2011 02:09:42 UTC