- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Tue, 04 Oct 2011 15:17:29 -0400
On 10/4/11 3:14 PM, Anne van Kesteren wrote: > On Tue, 04 Oct 2011 21:06:29 +0200, Boris Zbarsky <bzbarsky at mit.edu> wrote: >> Yes; the point of specifying crossorigin is to opt in to the security >> model we think the web _should_ have but that we can't roll out across >> the board. Yet. > > Well, what you think it should have is not shared by me. That's fine. Then you need a better proposal for the various security bugs involved. I'm all ears. -Boris
Received on Tuesday, 4 October 2011 12:17:29 UTC