W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2013

Re: [filter-effects][css-masking] Move security model for resources to CSP

From: Bjoern Hoehrmann <derhoermi@gmx.net>
Date: Sat, 06 Apr 2013 23:02:50 +0200
To: Anne van Kesteren <annevk@annevk.nl>
Cc: Dirk Schulze <dschulze@adobe.com>, "public-fx@w3.org" <public-fx@w3.org>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <e021m8h7bbaicgqm3kisikru9aoskc0nhm@hive.bjoern.hoehrmann.de>
* Anne van Kesteren wrote:
>That sounds fucked up. Deciding the fetching policy based on the
>presence of a fragment identifier in the URL is a severe layering
>violation. What if we introduce a fragment identifier to crop an
>image?

http://www.w3.org/TR/css3-images/#image-notation proposes a `image(...)`
functional notation that can be used where `url(...)` does not suffice,
and SVG 1.0 and http://www.w3.org/TR/media-frags/ already provide such
functionality, which can be used in combination with `image(...)`. I've
http://lists.w3.org/Archives/Public/www-style/2013Mar/0190.html argued
that there should be an example using `image(...)` in the masking draft
to avoid this particular confusion.
-- 
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 
Received on Saturday, 6 April 2013 21:03:17 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:01 UTC