- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Fri, 21 Jun 2013 16:15:30 +0900
- To: Charles McCathie Nevile <chaals@yandex-team.ru>
- Cc: Marcos Caceres <mcaceres@mozilla.com>, WebApps WG <public-webapps@w3.org>
On Wed, Jun 19, 2013 at 7:39 PM, Charles McCathie Nevile <chaals@yandex-team.ru> wrote: > One of the scenarios I have in mind is where a few apps from an origin use > some common stuff. Which is obviously increasing the attack surface in the > way that you mention, but if the same people are forced to use different > origins for stuff that is copy-pasted across then I am not sure we are > really exposing anything new except a requirement to buy more domains... Well, sharing data via messages rather than having actual shared data is a big benefit security-wise. Because the boundary is there by default, you instead need to think about what to expose to other applications and what is safe. You'll also scale better as you can more easily integrate with services running on other systems. -- http://annevankesteren.nl/
Received on Friday, 21 June 2013 07:15:56 UTC