W3C home > Mailing lists > Public > www-style@w3.org > June 2013

Re: [cssom][security] Cross-origin style sheets

From: Tab Atkins Jr. <jackalmage@gmail.com>
Date: Fri, 7 Jun 2013 20:36:58 -0700
Message-ID: <CAAWBYDB4Yf9pVQZcuyw-O1VfJBksV0=5-HUUVBJkhu6Rz-3Vdg@mail.gmail.com>
To: Simon Pieters <simonp@opera.com>
Cc: "www-style@w3.org" <www-style@w3.org>, Anne van Kesteren <annevk@annevk.nl>, Boris Zbarsky <bzbarsky@mit.edu> 
On Fri, Jun 7, 2013 at 5:51 AM, Simon Pieters <simonp@opera.com> wrote:
> I would appreciate review of the following change:
>
> https://dvcs.w3.org/hg/csswg/rev/b3a214e224d7
> [cssom] Disallow reading and modifying of cross-origin sheets. Integrate
> with URL and Fetch specs for xml-stylesheet and Link:. Only expose
> pre-redirect URL of a sheet.

Related to this, though perhaps not exactly CSSOM - should
cross-origin stylesheets inherit the charset from their referring
documents (or the declared charset from the referring <link>)?

~TJ
Received on Saturday, 8 June 2013 03:37:46 UTC

This archive was generated by hypermail 2.4.0 : Friday, 25 March 2022 10:08:30 UTC