Re: iframe sandbox for third-party widgets and ads (was Re: [CSP] Clarifications on nonces) from Jim Manico on 2015-02-09 (public-webappsec@w3.org from February 2015)

From: Jim Manico <jim.manico@owasp.org>
Date: Mon, 9 Feb 2015 20:31:54 +0100
To: Brad Hill <hillbrad@gmail.com>
Cc: Mike West <mkwst@google.com>, Brian Smith <brian@briansmith.org>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <4734477709330405477@unknownmsgid>

> I don't think there is a realistic opportunity to create a market for N different and incompatible flavors of "secure" placement

With respect, this is a core need from advertisers which heavily funds
the free web. If this is not addressed, advertisers will try to
circumvent standards and go for the holes. I'd rather see a more
verbose standard that addresses this need so they stay "in the fold".

Feeling dirty.

Aloha,
--
Jim Manico
@Manicode
(808) 652-3805

> On Feb 9, 2015, at 8:23 PM, Brad Hill <hillbrad@gmail.com> wrote:
>
> I don't think there is a realistic opportunity to create a market for N different and incompatible flavors of "secure" placement

Received on Monday, 9 February 2015 19:32:22 UTC