Re: Referrer Policy: Same-origin URIs

> But such capability URLs that persist in the address bar are also
> likely to be accidentally leaked by users when taking screenshots /
> screencasting, end up in browsing histories, and may end up in crash
> logs submitted to vendors (Mozilla, for example, collects crash URLs).

Oops, I didn't finish this tought: my point was that if they are
sensitive enough to need protection from their own origin, perhaps
it'd be best not to keep them in long-lived URLs because of these
other risks?

/mz

Received on Saturday, 8 November 2014 22:40:45 UTC