Yeah, that does sound messed up :S.
Perhaps IAB should be restricted to network intent whitelists? With CSP,
our basic guidance is to allow full network access and restrict via CSP
anyways.
On Fri, Apr 24, 2015 at 7:48 PM, Joe Bowser bows...@gmail.com wrote:
So, since we make this
Hey
I was looking at CB-8180, and I'm wondering what the correct behaviour for
intents being launched from URIs should be for an InAppBrowser. Should
these have free reign to open whatever, or should they also be bound by the
rules of the whitelist?
What do people think?
Joe