W3C home > Mailing lists > Public > www-tag@w3.org > March 2015

Re: Sub-domain granularity: the poverty of the domain name as the only hook for security

From: Anne van Kesteren <annevk@annevk.nl>
Date: Mon, 16 Mar 2015 14:36:32 +0100
Message-ID: <CADnb78h_sGrYWERM47zeY55L3BwfKDC4C9Dostk7auS_ik7zzg@mail.gmail.com>
To: Tim Berners-Lee <timbl@w3.org>
Cc: Public TAG List <www-tag@w3.org>, Mark Nottingham <mnot@mnot.net>
On Mon, Mar 16, 2015 at 2:28 PM, Tim Berners-Lee <timbl@w3.org> wrote:
> Similarly the Same Origin Policy in general is very hampering and in that it
> only works at the domain level not at any path level.   It would have been
> not very much harder to set both of them up to work on subtrees within the
> domain, and both would have been much more powerful and useful.  I propose
> they both be fixed in future.

https://www.chromium.org/developers/design-documents/per-page-suborigins
might be of interest. It's not exactly an easy problem to solve
though.


-- 
https://annevankesteren.nl/
Received on Monday, 16 March 2015 13:36:55 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 22:57:10 UTC