Re: [webauthn] restrict WebAuthentication API to only top level browsing context

@AngeloKai -- I've been trying hard to dissuade people from adding additional attributes to `<iframe>` for every new feature, in favor of using the single `"allow"` attribute being defined by [Feature Policy](

I'm hoping to give spec authors a consistent, uniform means of controlling access to features in frames, and to give web developers assurances that they don't have to worry about potential subtle differences in how and when features are enabled in different contexts.

GitHub Notification of comment by clelland
Please view or discuss this issue at using your GitHub account

Received on Wednesday, 25 October 2017 17:40:45 UTC