6
edits
Security/CSP/Confidentiality: Difference between revisions
no edit summary
No edit summary |
No edit summary |
||
| Line 33: | Line 33: | ||
The current plan is to disable all data: URI iframe/worker loads as soon as a confidentiality primitive is present. | The current plan is to disable all data: URI iframe/worker loads as soon as a confidentiality primitive is present. | ||
One concern is to take care of all possible corner cases. For example, the document might modify window.history and the user's clicking back might leak data. | |||
|Feature ux design=n.a. | |Feature ux design=n.a. | ||
}} | }} | ||