On Thu, 04 Aug 2011 14:55:48 +0200, Thomas Roessler <[email protected]> wrote:
The other observation would be that this approach permits any web site
to serve as a communication channel between arbitrary unique origin
contexts, in arbitrary browser instances. That effect seems contrary to
the goal of unique origins to me, which is exactly to limit the
communication paths available. This strikes me as a feature that's more
likely to show up in obscure attacks (or bugs) than in legitimate code.
I'd find it more intuitive if a unique origin (at least as currently
defined) would lead to a hard failure for now. There might be more
sophisticated things one can do about unique (or perhaps public-key
based?) origins in the future, but just using "null" isn't one of them.
Can you make this concern more concrete?
We discussed this before. The use case is a sandboxed widget that uses a
credentialed search API. Since the search API uses the credentials for
ordering the results there is not much of an issue.
--
Anne van Kesteren
http://annevankesteren.nl/
