On Wed, Feb 12, 2014 at 10:21 AM, Mike West <mkwst@google.com> wrote: > Happily, I'm not on Google's infra security team, so I can suggest that > Google should be more careful about a) scoping APIs to origins, and b) not > allowing arbitrary callbacks, while remaining blissfully unaware of the work > that would be involved in doing so. :) Given CORS using JSONP seems bad. Are there still too many legacy user agents? -- http://annevankesteren.nl/Received on Wednesday, 12 February 2014 10:40:46 UTC
This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:04 UTC