[Webkit-unassigned] [Bug 11885] Cross-frame scripting checks should not restrict access to data: URLs
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Jan 23 22:33:51 PST 2008
http://bugs.webkit.org/show_bug.cgi?id=11885
------- Comment #1 from sam at webkit.org 2008-01-23 22:33 PDT -------
I don't think it would be a good idea to completely remove the restriction, but
rather we need to define a safe subset of cases when cross-frame scripting with
data: URL is allowed. It would a good first step to document exactly what
Firefox and Opera do.
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list