[Webkit-unassigned] [Bug 34296] Provide a way for WebKit clients to specify a more granular policy for cross-origin frame access
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Jan 29 20:16:57 PST 2010
https://bugs.webkit.org/show_bug.cgi?id=34296
Adam Barth <abarth at webkit.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |abarth at webkit.org
--- Comment #3 from Adam Barth <abarth at webkit.org> 2010-01-29 20:16:55 PST ---
I don't think this patch is a good idea. In particular, asymmetric access
relations are the source of many security vulnerabilities. For more
information, please read:
http://www.adambarth.com/papers/2009/barth-jackson-li.pdf
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list