W3C home > Mailing lists > Public > public-webauthn@w3.org > October 2017

Re: [webauthn] restrict WebAuthentication API to only top level browsing context

From: Angelo Liao via GitHub <sysbot+gh@w3.org>
Date: Tue, 24 Oct 2017 22:14:11 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-339151258-1508883250-sysbot+gh@w3.org>
I recently came across a time-friendly proposal for enabling iframe. We may follow similar approach like https://www.w3.org/TR/payment-request/#paymentrequest-and-iframe-elements. All we need from the implementers is just add a new attribute to iframe and we should be set. We can mark it as non-normative to give time for browser vendors to complete the feature. Once everyone implements it (say in PR time), we can the feature a normative requirement. 

@jcjones @leshi what do you think? Adding @mikewest and @battre to be considered by credman. 

-- 
GitHub Notification of comment by AngeloKai
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/374#issuecomment-339151258 using your GitHub account
Received on Tuesday, 24 October 2017 22:14:12 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:29 UTC