Re: Fixing third party content from Yoav Weiss on 2016-03-22 (public-webappsec@w3.org from March 2016)

From: Yoav Weiss <yoav@yoav.ws>
Date: Tue, 22 Mar 2016 13:37:00 +0100
To: Craig Francis <craig@craigfrancis.co.uk>
Cc: WebAppSec WG <public-webappsec@w3.org>
Message-ID: <CACj=BEg=fUCm=Xf50fQzgvUr868Z8-WfVUM68WCVt9+ezawdyA@mail.gmail.com>

FWIW, I totally agree that the way third party content is embedded today is
troubling from both security and performance perspectives.

Do you have any documents regarding which type of read access these ad
providers require? Are you sure read access would satisfy their needs? Are
ad providers unified regarding these requirements?

Received on Tuesday, 22 March 2016 12:37:29 UTC