RE: action-334, issue-112, a summary on sub-domains for exceptions from Mike O'Neill on 2013-01-05 (public-tracking@w3.org from January 2013)

From: Mike O'Neill <michael.oneill@baycloud.com>
Date: Sat, 5 Jan 2013 14:46:58 -0000
To: <public-tracking@w3.org>
Message-ID: <08ea01cdeb53$83ae17d0$8b0a4770$@baycloud.com>

Hi Shane,

 

There is no attempt here to over-architect, the problem is coming up with a
mechanism that doesn't involve abandoning the same origin rule. The
same-party array method also does that but it is limited to an explicit
public list which can be audited, so probably OK. We could ask for
user-agents to insist that both domains referenced each other in their
same-party arrays as a further safeguard if necessary.

 

Mike

Received on Saturday, 5 January 2013 14:47:31 UTC