- From: Ian Hickson <ian@hixie.ch>
- Date: Thu, 24 May 2007 22:54:21 +0000 (UTC)
On Thu, 9 Feb 2006, Alexey Feldgendler wrote: > What you say can be implemented, though, and it has the same underlying > requirement as the sandboxing approach that I wrote about before: > origin-tracking of every piece of script code. Here are the rules. [...] These rules, and rules like it (this is a relatively important area of security research), have performance characteristics that several browser vendors have told me are unacceptable. I think we're stuck with the current model, at least for the forseeable future. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Thursday, 24 May 2007 15:54:21 UTC