W3C Invites Implementations of Widget Access Request Policy

Author(s) and publish date


The Web Applications Working Group invites implementation of the Candidate Recommendation of Widget Access Request Policy. User agents running widgets are expected to provide access to potentially sensitive APIs (phone book, calendar, file system, etc.) that expose data which should not be exposed without the user's consent. The purpose of this specification is to define the security model for network interactions from within a widget that has access to sensitive information. It provides means for a widget to declare its intent to access specific network resources so that a policy may control it. Follow the group's development of an implementation report and learn more about the Rich Web Client Activity.

Related RSS feed