Re: [webauthn] Bug #256 - Clarify call of the "Relaxing the Same-Origin Restriction" algorithm

> That the active sandboxing flag set should be empty when the 
algorithm runs

That (changing sandboxing flags for a document on the fly) is a new 
primitive that I would really rather we didn't introduce, because it 
has pretty undesirable security properties.

GitHub Notification of comment by bzbarsky
Please view or discuss this issue at using 
your GitHub account

Received on Friday, 6 January 2017 18:26:56 UTC