- From: Cécile Muller <contact@wildpeaks.fr>
- Date: Sun, 24 Jul 2016 01:02:47 +0200
- To: public-webvr@w3.org
Received on Sunday, 24 July 2016 00:59:57 UTC
Hi list, I worry that leaving it visible on all the time will teach the user to ignore it (like ads sidebars and cookie banners), thus nullifying the negative effect of leaving it on all the time compared to https sites. On the other hand, CORS and CSP already exist to specify what resources can and can't be loaded from a given website; maybe we could use those to restrict what contents are allowed? See you, Cecile
Received on Sunday, 24 July 2016 00:59:57 UTC