RE: What is a secure page?

I can think of a clarification and two more cases to think about.

First, when you say all the content on a page is protected, does that
imply it is all from the same site? (same in the sense of the XSS rules,
e.g. *.example.com)

Second, what about pages with frames. Presumably all the frames are
considered a page, but I believe frames can be updated individually.
What happens if one frame goes insecure? 

Similar questions apply to an Ajax application. What happens if an
update is not secure?

Hal

> -----Original Message-----
> From: public-wsc-wg-request@w3.org
[mailto:public-wsc-wg-request@w3.org]
> On Behalf Of George Staikos
> Sent: Sunday, January 21, 2007 10:24 PM
> To: W3 Work Group
> Subject: Re: What is a secure page?
> 
> 
> 
> Hmm does that mean that the location/url bar is going into the tab
> too? :-)
> 
> On 17-Jan-07, at 9:35 AM, Stuart E. Schechter wrote:
> 
> >
> >>>    The FireFox 2 tabs contain a window close button that used to
> >>> be part
> >> of
> >>> the window frame.  Presumably they were moved here because users
> >>> didn't
> >>> understand, or weren't comfortable with, the model in which a
> >>> close icon
> >> for
> >>> the window closed a tab.
> >>
> >> So that sounds like data that could be used to argue the scoping is
> >> effective.
> >>
> >>         Mez
> >
> >    I don't understand the logic there.  Firefox 2 is moving away
> > from the
> > model in which users are presumed to understand that all browser
> > buttons
> > within a window apply to the current tab.  They are moving to a
> > model in
> > which you have to explicitly show the user that the button applies
> > to the
> > tab by putting it into the tab itself.  How would you argue that
> > this change
> > supports the effectiveness of the scoping?
> >
> >
> >
> 
> --
> George Staikos
> KDE Developer				http://www.kde.org/
> Staikos Computing Services Inc.		http://www.staikos.net/
> 
> 
>

Received on Tuesday, 30 January 2007 15:32:18 UTC