W3C home > Mailing lists > Public > public-webappsec@w3.org > May 2013

Re: [filter-effects][css-masking] Move security model for resources to CSP

From: Boris Zbarsky <bzbarsky@MIT.EDU>
Date: Fri, 31 May 2013 13:46:08 -0400
Message-ID: <51A8E1E0.1060402@mit.edu>
To: Dirk Schulze <dschulze@adobe.com>
CC: "public-webappsec@w3.org" <public-webappsec@w3.org>
On 5/31/13 1:22 PM, Dirk Schulze wrote:
> For <use>, there could indeed be data stored in elements that in theory can be read. This problem might be solveable with the redesign for <use> in the future. Means we would need special treatments for <use> for now :/.

Though note that masks and clips might have similar issues because you 
can hit-test to read information out of them.

-Boris
Received on Friday, 31 May 2013 17:46:41 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:01 UTC