- From: Daniel Veditz <dveditz@mozilla.com>
- Date: Sun, 09 Nov 2014 22:17:22 -0800
- To: Jim Manico <jim.manico@owasp.org>, Brian Smith <brian@briansmith.org>
- CC: "public-webappsec@w3.org" <public-webappsec@w3.org>
On 11/9/2014 4:40 PM, Jim Manico wrote: > This is a bit tangential, but for future versions of the standard, I'd > love to be able to limit where simple links are allowed to go. For > example, perhaps I want to limit a site from only being allow to link to > my domain or subdomain. I'm just thinking, what else can we limit in the > browser to lower the attack surface? We are considering adding controls inspired by David Ross's "Entry Point Regulation" idea. Is that along the lines of what you were thinking? http://randomdross.blogspot.com/2014/08/entry-point-regulation-for-web-apps.html -Dan Veditz
Received on Monday, 10 November 2014 06:17:54 UTC