- From: Arve Bersvendsen <arveb@opera.com>
- Date: Thu, 04 Dec 2008 15:51:50 +0100
- To: "Thomas Roessler" <tlr@w3.org>, "Arve Bersvendsen" <arveb@opera.com>
- Cc: public-webapps@w3.org, "Arthur Barstow" <art.barstow@nokia.com>
On Thu, 04 Dec 2008 15:42:46 +0100, Thomas Roessler <tlr@w3.org> wrote: > > Have you considered what the requirements would be for external > resources, e.g., scripts sourced through a script tag? That would have to be determined by a security model that applies to the signed package. Opera's implementation could for instance allow: <script src="https://good.example.com/script.js"></script> ... while it could deny <script src="http://bad.example.com/script.js"></script> -- Arve Bersvendsen Developer, Opera Software ASA, http://www.opera.com/
Received on Thursday, 4 December 2008 14:52:35 UTC