- From: Domenic Denicola <d@domenic.me>
- Date: Fri, 2 Dec 2016 01:48:41 +0000
- To: Zac Spitzer <zac.spitzer@gmail.com>
- Cc: "whatwg@whatwg.org" <whatwg@whatwg.org>, Ian Hickson <ian@hixie.ch>, "Michael A. Peters" <mpeters@domblogger.net>
From: Zac Spitzer [mailto:zac.spitzer@gmail.com] > how about rather than requiring this on every <a> why not support a base tag directive for the whole document i.e. <base rel="noopener">, similar to <base target="_blank">? Yes, this is a good idea to include in a general framework for imposing such self-restrictions on your page, such as CSP: https://github.com/w3c/webappsec/issues/139.
Received on Friday, 2 December 2016 01:49:15 UTC