On Tue, Jun 8, 2010 at 1:17 PM, Adam Barth <w3c at adambarth.com> wrote: > Yes, doing this correctly is quite subtle. I'd pitch the feature more > as developer connivence rather than for security. Apps that are > hosted in the same origin need to trust each other. That is what we were planning on. - a