Re: webappsec-ISSUE-45 ('top-only'): Is 'top-only' worth preserving? [UI Security] from Devdatta Akhawe on 2013-03-18 (public-webappsec@w3.org from March 2013)

From: Devdatta Akhawe <dev.akhawe@gmail.com>
Date: Mon, 18 Mar 2013 10:28:04 -0700
To: "Hill, Brad" <bhill@paypal-inc.com>
Cc: David Ross <dross@microsoft.com>, Anne van Kesteren <annevk@annevk.nl>, Ian Melven <imelven@mozilla.com>, Tobias Gondrom <tobias.gondrom@gondrom.org>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <CAPfop_3WT72TyjvN_N5d2+8UnRUOCJkPViHsbiRHs7gRCbK3xw@mail.gmail.com>

> Do any browsers (looking at Moz) have or would be able to provide telemetry illustrating if there are sites that work with top-only and would fail with ancestor-aware checks?  (just wondering about existence, not specific names)
>

The consensus on the bug seem to be that it might be ok to just push
it to the nightly/aurora channels and see if anything breaks. I might
be wrong: imelven/dveditz can correct me if needed.


--dev

Received on Monday, 18 March 2013 17:28:54 UTC