Re: Copy to Clipboard - ambush and abuse by javascript from Paul Libbrecht on 2010-06-03 (www-tag@w3.org from June 2010)

From: Paul Libbrecht <paul@activemath.org>
Date: Thu, 3 Jun 2010 17:50:18 +0200
To: Tim Berners-Lee <timbl@w3.org>
Cc: nathan@webr3.org, Noah Mendelsohn <nrm@arcanedomain.com>, "www-tag@w3.org" <www-tag@w3.org>, John Kemp <john@jkemp.net>
Message-Id: <95F2F2FA-2F30-481D-8922-EADEDD7856F7@activemath.org>

Le 03-juin-10 à 17:33, Tim Berners-Lee a écrit :

> So a user may decide to trust -- well to allow, on balance -- the  
> scripts from a given domain, while they will have advantages and  
> disadvantages.  So the browser has to build up a list of user- 
> trusted script sites?

Where's the scripts of the originating site?
What if the originating site delivers scripts from tynt.com?

Not sure origin is good, unless with some signatures...

paul

Attachments

application/pkcs7-signature attachment: smime.p7s

Received on Thursday, 3 June 2010 15:50:54 UTC