[webauthn] Please coordinate with the HTML spec to extract the relevant bits of the document.domain setter so you can call them from Boris Zbarsky via GitHub on 2016-11-04 (public-webauthn@w3.org from November 2016)

From: Boris Zbarsky via GitHub <sysbot+gh@w3.org>
Date: Fri, 04 Nov 2016 18:13:41 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-187403182-1478283220-sysbot+gh@w3.org>

bzbarsky has just created a new issue for 
https://github.com/w3c/webauthn:

== Please coordinate with the HTML spec to extract the relevant bits 
of the document.domain setter so you can call them ==
Currently 
https://w3c.github.io/webauthn/#dom-webauthentication-makecredential 
step 3 says to do 
https://www.w3.org/TR/html51/browsers.html#relaxing-the-same-origin-restriction
 but not quite.  Except it doesn't make it clear _which_ document, and
 it's not clear whether you actually want the interaction with 
sandboxing that the document.domain setter has, whether you actually 
want the behavior to be affected by previous document.domain sets (as 
the actual document.domain setter is) and so forth.

All this stuff should be clearly defined, ideally by:

1. Defining clearly which document you're working with.
2. Working together with the HTML spec to extract the relevant 
algorithm for your use.  If this proves impossible, because you 
actually want somewhat different behavior from the document.domain 
setter, then the algorithm needs to just be clearly defined.

Please view or discuss this issue at 
https://github.com/w3c/webauthn/issues/256 using your GitHub account

Received on Friday, 4 November 2016 18:13:47 UTC