Re: Single Trust and Same-Origin Policy v2

On Mon, Mar 27, 2017 at 2:49 AM, Mike West <mkwst@google.com> wrote:

> If single trust gives real advantage to developers, I worry that it will
> simply devolve into delegating a set of subdomains to a third-party (`
> ads.example.com`, `provider1.ads.example.com`, `provider2.ads.example.com`,
> and so on). Given revenue concerns, the slope doesn't seem that slippery. :)
>

​That is exactly how we ended up with document.domain, or maybe
document.domain came first and thirdparty.netscape.com followed immediately
after. At the very least it will require mutual opt-in (as we learned with
document.domain) and even then seems problematic.

-Dan Veditz

Received on Monday, 27 March 2017 20:50:21 UTC