- From: <bugzilla@jessica.w3.org>
- Date: Mon, 08 Aug 2011 20:23:41 +0000
- To: public-webapps@w3.org
http://www.w3.org/Bugs/Public/show_bug.cgi?id=13373
Ian 'Hixie' Hickson <ian@hixie.ch> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |ian@hixie.ch
Resolution| |NEEDSINFO
--- Comment #1 from Ian 'Hixie' Hickson <ian@hixie.ch> 2011-08-08 20:23:40 UTC ---
How would this protect user privacy? What's the expected leak here?
As far as I can tell, SharedWorkers do not introduce a communication channel
that isn't already possible with any number of other features, e.g. IndexDB,
Web Storage, XHR, cookies, fingerprinting, walking Window hierarchies, etc.
In any case, it's up to the UA to define the scope of "user agent" — so long
as two frames aren't in the same unit of related browsing contexts, there's not
much the spec can say that would force the UA to treat the two frames as
related. Just make sure they really are separate and can never communicate, and
you're fine. (Of course, if they can communicate — e.g. by passing ports
along a chain of shared workers and iframes each step of which is allowed, even
thought the first and last participants are blocked from seeing each other
normally — then that's non-conforming.)
--
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
Received on Monday, 8 August 2011 20:23:42 UTC