W3C home > Mailing lists > Public > public-webappsec@w3.org > October 2014

Re: [MIX] 5.1 Does settings object restrict mixed content?

From: Mike West <mkwst@google.com>
Date: Thu, 30 Oct 2014 20:32:17 +0100
Message-ID: <CAKXHy=fy8a+bOwb3enxF2e2kQt4SGPB-grQhm_E+0RoUiQZh7Q@mail.gmail.com>
To: Ian Hickson <ian@hixie.ch>
Cc: Anne van Kesteren <annevk@annevk.nl>, WebAppSec WG <public-webappsec@w3.org>
(Starting down this road in
https://github.com/w3c/webappsec/commit/06a8ddc723242a5518b7f3a75d9835dc21301f43
).

--
Mike West <mkwst@google.com>
Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91

Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg
Geschäftsführer: Graham Law, Christine Elizabeth Flores
(Sorry; I'm legally required to add this exciting detail to emails. Bleh.)

On Thu, Oct 30, 2014 at 8:25 PM, Mike West <mkwst@google.com> wrote:

> Given a document, it's not clear how to walk its ancestor chain without
> referring to browsing contexts. I might very well be missing something: if
> I'd like to check whether the document that's embedding me (or the document
> that's embedding my parent) has some bit of state, how should I go about
> doing it?
>
> -mike
>
> --
> Mike West <mkwst@google.com>
> Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91
>
> Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
> Registergericht und -nummer: Hamburg, HRB 86891
> Sitz der Gesellschaft: Hamburg
> Geschäftsführer: Graham Law, Christine Elizabeth Flores
> (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)
>
> On Thu, Oct 30, 2014 at 7:26 PM, Ian Hickson <ian@hixie.ch> wrote:
>
>> On Thu, 30 Oct 2014, Anne van Kesteren wrote:
>> > On Thu, Oct 30, 2014 at 5:40 PM, Ian Hickson <ian@hixie.ch> wrote:
>> > > Sure, but why is /b relevant to /a in this example? They're unrelated,
>> > > no?
>> >
>> > Yeah, but the browsing context is the same. The browsing context terms
>> > such as browsing context container, nested browsing context, etc.
>> > represents a sequence of documents whereas for some scenarios you just
>> > want to look at a document and not its browsing context whose active
>> > document might be something else.
>> >
>> > So e.g. if you have a browsing context that has two documents associated
>> > with it. And the first of those documents has an nested browsing
>> > context. And you want to make an assertion of sorts about that nested
>> > browsing context's top-level browsing context, it may no longer have a
>> > nested browsing context.
>>
>> Generally speaking we should be talking about the document, not the
>> browsing context, sure.
>>
>> --
>> Ian Hickson               U+1047E                )\._.,--....,'``.    fL
>> http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
>> Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
>>
>>
>
Received on Thursday, 30 October 2014 19:33:05 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:07 UTC