In another spec, I'd like to write:
If the <a href="http://www.w3.org/TR/html5/#incumbent-settings-object">incumbent
settings object</a> is <a href="
https://w3c.github.io/webappsec/specs/powerfulfeatures/#settings-sufficiently-secure">not
a sufficiently secure context</a>, then reject _promise_ with a
SecurityError.
Is there a reason to use the extra verbosity suggested in
https://w3c.github.io/webappsec/specs/powerfulfeatures/#new?
Thanks,
Jeffrey (or Jeff :)
On Thu, Jan 29, 2015 at 3:07 AM, Mike West <mkwst@google.com> wrote:
> Jeff noted in https://github.com/w3c/webappsec/issues/160 that it was
> more than confusing to have two checks in POWER, one for Documents, and one
> for settings objects. Since we can get to the one from the other, we should
> have one check to avoid boilerplate in every other spec.
>
> I've combined the checks into
> https://w3c.github.io/webappsec/specs/powerfulfeatures/#settings-sufficiently-secure.
> I'd appreciate feedback regarding the new text's sanity. :)
>
> Thanks!
>
> --
> Mike West <mkwst@google.com>, @mikewest
>
> Google Germany GmbH, Dienerstrasse 12, 80331 München,
> Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der
> Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth
> Flores
> (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)
>