<html>
<head>
<base href="https://bugs.webkit.org/" />
</head>
<body>
<p>
<div>
<b><a class="bz_bug_link
bz_status_NEW "
title="NEW - [Privileged Contexts] Enable opt-in to DeviceOrientation and DeviceMotion for HTTPS-based iframes"
href="https://bugs.webkit.org/show_bug.cgi?id=152299#c11">Comment # 11</a>
on <a class="bz_bug_link
bz_status_NEW "
title="NEW - [Privileged Contexts] Enable opt-in to DeviceOrientation and DeviceMotion for HTTPS-based iframes"
href="https://bugs.webkit.org/show_bug.cgi?id=152299">bug 152299</a>
from <span class="vcard"><a class="email" href="mailto:_@sphvn.com" title="Stephen Underwood <_@sphvn.com>"> <span class="fn">Stephen Underwood</span></a>
</span></b>
<pre>(In reply to <a href="show_bug.cgi?id=152299#c10">comment #10</a>)
<span class="quote">> Actually, I just thought of a different attack. Better talk to our security
> folks before I describe it :-)</span >
Will wait for you to hear back from your security team. Surely there is a way we can handle these vulnerabilities without blocking this feature.</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the assignee for the bug.</li>
</ul>
</body>
</html>