Also sounds like a good step/topic in the "getting started" guides.
-- Marcel Kinard
On 11/1/2012 8:36 PM, Dave Johnson wrote:
Yup agree it should whitelist nothing but it also needs to be very clear in
the log when we block a request that it's due to the whitelist.
On Thursday, November 1, 2012, Shazron wrote:
I concur with Kevin. It won't be much of a whitelist if no one uses it -- I
would argue that if you set it to "*" by default, no dev will (usually)
change that, especially if they don't know there is a whitelist in the
first place.
On Thu, Nov 1, 2012 at 4:48 PM, Kevin Hawkins <
kevin.hawkins.cord...@gmail.com <javascript:;>> wrote:
From a security perspective, I'm partial to the iOS (nothing) default,
recognizing of course that there are certain usability drawbacks to that
approach.
On Thu, Nov 1, 2012 at 4:34 PM, Filip Maj <f...@adobe.com <javascript:;>>
wrote:
Quick q: how come Android + BB's whitelists by default whitelist
everything (*), but iOS does the opposite (whitelist nothing)?
I'd like to see this unified across all platforms we support.
