[whatwg] Script origin tracking
ian at hixie.ch
Thu May 24 15:54:21 PDT 2007
On Thu, 9 Feb 2006, Alexey Feldgendler wrote:
> What you say can be implemented, though, and it has the same underlying
> requirement as the sandboxing approach that I wrote about before:
> origin-tracking of every piece of script code. Here are the rules. [...]
These rules, and rules like it (this is a relatively important area of
security research), have performance characteristics that several browser
vendors have told me are unacceptable. I think we're stuck with the
current model, at least for the forseeable future.
Ian Hickson U+1047E )\._.,--....,'``. fL
http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,.
Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
More information about the whatwg