- From: <bugzilla@jessica.w3.org>
- Date: Wed, 13 Jul 2011 00:09:45 +0000
- To: public-webapps@w3.org
http://www.w3.org/Bugs/Public/show_bug.cgi?id=13229 Summary: The following text from the "Security considerations" part of "11 IANA considerations" is wrong: "An event stream from an origin distinct from the origin of the content consuming the event stream can result in information leakage. To avoid this, user agen Product: WebAppsWG Version: unspecified Platform: Other URL: http://www.whatwg.org/specs/web-apps/current-work/#top OS/Version: other Status: NEW Severity: normal Priority: P3 Component: Server-Sent Events (editor: Ian Hickson) AssignedTo: ian@hixie.ch ReportedBy: contributor@whatwg.org QAContact: member-webapi-cvs@w3.org CC: mike@w3.org, public-webapps@w3.org Specification: http://dev.w3.org/html5/eventsource/ Multipage: http://www.whatwg.org/C#top Complete: http://www.whatwg.org/c#top Comment: The following text from the "Security considerations" part of "11 IANA considerations" is wrong: "An event stream from an origin distinct from the origin of the content consuming the event stream can result in information leakage. To avoid this, user agents are required to block all cross-origin loads." Posted from: 2620:101:8003:200:226:bbff:fe05:3fe1 User agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:8.0a1) Gecko/20110707 Firefox/8.0a1 Firefox/8.0a1 -- Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
Received on Wednesday, 13 July 2011 00:09:47 UTC