W3C home > Mailing lists > Public > public-webauthn@w3.org > April 2018

Re: [webauthn] Tighten security scope by port

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Tue, 24 Apr 2018 09:53:58 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-383873709-1524563638-sysbot+gh@w3.org>
What is the reason to allow viewing `example.com` and `www.example.com` as the same domain, but not `example.com` and `example.com:1234`? The former two might not even resolve to the same address in DNS, but the latter two always will, right?

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/873#issuecomment-383873709 using your GitHub account
Received on Tuesday, 24 April 2018 09:54:00 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:32 UTC