http://www.w3.org/TR/powerful-features/ … is a formalization of @fugueish, et al's https://www.chromium.org/Home/chromium-security/prefer-secure-origins-for-powerful-new-features …, locking features to secure contexts. Feedback?
-
-
@tehjh: One goal is to prevent insecurely transported contexts from executing sensitive APIs; localhost never touches the network. -
@mikewest IOW, you want to ensure authenticity. That can be broken with MITM on HTTP or by replacing the server task (which any app can do).
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.