- From: Nick Vidal <nick@iss.im>
- Date: Mon, 6 Sep 2010 15:48:17 -0300
>> By bookmark, I mean the Webtop being able to read the current location >> of the website and saving that to the server-side. By save a session, >> I mean the Webtop being able to read the location of all iframes it >> created and saving that to the server-side for later retrieval. > > Reading the location of an iframe across origins is a security > vulnerability. ?We're not going to allow that. ?You're of course free > to remember where you directed the frame initially, but you won't be > able to figure out what URL the frame is currently displaying. Does it really represent a security vulnerability? Even when the Webtop is a trusted-source? And if allow-bottom-navigation is a vulnerability, wouldn't allow-top-navigation be one too?
Received on Monday, 6 September 2010 11:48:17 UTC