Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add section on limiting features to secure contexts #89

Merged
merged 3 commits into from
Apr 6, 2018
Merged

Add section on limiting features to secure contexts #89

merged 3 commits into from
Apr 6, 2018
+62 −0

Conversation

dbaron
Copy link
Member

@dbaron dbaron commented Apr 6, 2018

I'm opening a separate PR to replace #75 so that it can stay somewhat archived in its current state.

Based on the TAG's discussion yesterday, the conclusion was that we wouldn't come to consensus on strong advice on requiring secure contexts. Given that, @slightlyoff drafted some more explanatory text, which I've now merged with some of the still-usable advice I had in #75.

@dbaron dbaron mentioned this pull request Apr 6, 2018
Closed
@daurnimator
Copy link

daurnimator commented Apr 6, 2018
edited
Loading

One idea I've had is that things could still be allowed when accessing something in private ip space (i.e. 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, fd00::/8; possibly also including 127.0.0.0/8 and ::1 for local development purposes).
e.g. still allow fullscreen API for use by a NAS if the NAS is hosted at 192.168.1.10.

@torgo torgo mentioned this pull request Apr 6, 2018
Closed
travisleithead
travisleithead approved these changes Apr 6, 2018
View reviewed changes
Copy link
Contributor

@travisleithead travisleithead left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:shipit:

torgo
torgo approved these changes Apr 6, 2018
View reviewed changes
Copy link
Member

@torgo torgo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:shipit:

@travisleithead travisleithead merged commit 15e5c17 into w3ctag:master Apr 6, 2018
@dbaron
Copy link
Member Author

dbaron commented Apr 6, 2018

@daurnimator that may be worth raising on the secure contexts spec, since it relates to the definition of a secure context, although some of those issues may be implementation specific.

@daurnimator daurnimator mentioned this pull request Apr 6, 2018
Open
@daurnimator
Copy link

@daurnimator that may be worth raising on the secure contexts spec, since it relates to the definition of a secure context, although some of those issues may be implementation specific.

Created w3c/webappsec-secure-contexts#60

@annevk
Copy link
Member

annevk commented Apr 6, 2018

Disappointing.

@littledan littledan mentioned this pull request Apr 9, 2018
Closed
@dbaron dbaron mentioned this pull request Jul 21, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@torgo torgo torgo approved these changes

@hadleybeeman hadleybeeman hadleybeeman approved these changes

@travisleithead travisleithead travisleithead approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@dbaron @daurnimator @annevk @torgo @hadleybeeman @travisleithead