@slightlylate Interested in your thoughts about possibilities of content-aware-storage with Subresource Integrity wrt to some of this.
-
-
-
@hillbrad: There could certainly be perf impact, but I'm just as interested in@lcamtuf's thoughts about exploitability.@slightlylate
End of conversation
New conversation -
-
-
@lcamtuf: Right. I worry about origins. "This Flash file _totally_ is hosted on your server! Pinky swear!"@hillbrad@slightlylateThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@slightlylate Neato. Got a new tablet for plane trips yesterday and chrome://flags -> 'enable SW' was my first pageload. :)Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@lcamtuf: Oh, come on. You loved it on the list!@hillbrad@slightlylate -
@mikewest@lcamtuf@slightlylate I would presume that a CORS policy would be required, of course. - 5 more replies
New conversation -
-
-
@lcamtuf: Also breaks origin-based defense in depth, like CSP. So, I'm on the fence.@hillbrad@slightlylateThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@lcamtuf: Totally worth experimenting with, though, behind a flag.@hillbrad@slightlylateThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.