W3C home > Mailing lists > Public > public-webappsec@w3.org > March 2013

Re: webappsec-ISSUE-45 ('top-only'): Is 'top-only' worth preserving? [UI Security]

From: Devdatta Akhawe <dev.akhawe@gmail.com>
Date: Mon, 18 Mar 2013 10:28:04 -0700
Message-ID: <CAPfop_3WT72TyjvN_N5d2+8UnRUOCJkPViHsbiRHs7gRCbK3xw@mail.gmail.com>
To: "Hill, Brad" <bhill@paypal-inc.com>
Cc: David Ross <dross@microsoft.com>, Anne van Kesteren <annevk@annevk.nl>, Ian Melven <imelven@mozilla.com>, Tobias Gondrom <tobias.gondrom@gondrom.org>, "public-webappsec@w3.org" <public-webappsec@w3.org>
> Do any browsers (looking at Moz) have or would be able to provide telemetry illustrating if there are sites that work with top-only and would fail with ancestor-aware checks?  (just wondering about existence, not specific names)

The consensus on the bug seem to be that it might be ok to just push
it to the nightly/aurora channels and see if anything breaks. I might
be wrong: imelven/dveditz can correct me if needed.

Received on Monday, 18 March 2013 17:28:54 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:31 UTC