[Webkit-unassigned] [Bug 11885] Cross-frame scripting checks should not restrict access to data: URLs
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Mar 29 11:11:04 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=11885
Ojan Vafai <ojan at chromium.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ojan at chromium.org
--- Comment #6 from Ojan Vafai <ojan at chromium.org> 2010-03-29 11:11:04 PST ---
Some of the public-web-security discussion:
http://lists.w3.org/Archives/Public/public-web-security/2009Dec/0112.html
http://lists.w3.org/Archives/Public/public-web-security/2009Dec/0121.html
I firmly believe we should try to make the Gecko policy work, mainly for the
reasons Maciej stated in the second of those links. It makes iframes much
easier to work with.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list