http://www.w3.org/TR/powerful-features/ … is a formalization of @fugueish, et al's https://www.chromium.org/Home/chromium-security/prefer-secure-origins-for-powerful-new-features …, locking features to secure contexts. Feedback?
@mikewest Would that also land on Android? Because at least there, anything on a port >=1024 on localhost IMO shouldn't count as secure.
-
-
@tehjh: In Chrome's current implementation, yes. Why would you suggest locking locally installed apps out of APIs? -
@mikewest IIRC any app on Android can bind to ports >=1024. Whoever grabs the port first gets it. So the user would need to trust all apps. - 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.