Re: [webauthn] Bug #256 - Clarify call of the "Relaxing the Same-Origin Restriction" algorithm from Boris Zbarsky via GitHub on 2017-01-06 (public-webauthn@w3.org from January 2017)

From: Boris Zbarsky via GitHub <sysbot+gh@w3.org>
Date: Fri, 06 Jan 2017 18:26:49 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-270969473-1483727206-sysbot+gh@w3.org>

> That the active sandboxing flag set should be empty when the 
algorithm runs

That (changing sandboxing flags for a document on the fly) is a new 
primitive that I would really rather we didn't introduce, because it 
has pretty undesirable security properties.

-- 
GitHub Notification of comment by bzbarsky
Please view or discuss this issue at 
https://github.com/w3c/webauthn/pull/319#issuecomment-270969473 using 
your GitHub account

Received on Friday, 6 January 2017 18:26:56 UTC