You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
<pclass="copyright" data-fill-with="copyright"><ahref="http://creativecommons.org/publicdomain/zero/1.0/" rel="license"><imgalt="CC0" src="https://licensebuttons.net/p/zero/1.0/80x15.png"></a> To the extent possible under law, the editors have waived all copyright
2060
2060
and related or neighboring rights to this work.
2061
-
In addition, as of 17 February 2021,
2061
+
In addition, as of 18 February 2021,
2062
2062
the editors have made this specification available under the <ahref="http://www.openwebfoundation.org/legal/the-owf-1-0-agreements/owfa-1-0" rel="license">Open Web Foundation Agreement Version 1.0</a>,
2063
2063
which is available at http://www.openwebfoundation.org/legal/the-owf-1-0-agreements/owfa-1-0.
2064
2064
Parts of this work may be from another specification document. If so, those parts are instead covered by the license of that specification document. </p>
<p>User agents cannot yet consistently seperate framed origins into processes distinct from their
2158
2158
embedders' origin.</p>
2159
-
<pclass="note" role="note"><span>Note:</span> Though some user agents support out-of-process frames, no agent supports it consistently
2160
-
across a broad range of devices and platforms. Ideally this will change over time, as the
2161
-
frame boundary <em>ought</em> to be one we can eventually consider robust.</p>
2159
+
<pclass="note" role="note"><span>Note:</span> Though some user agents support out-of-process frames<adata-link-type="biblio" href="#biblio-oopif">[OOPIF]</a>, no agent supports it
2160
+
consistently across a broad range of devices and platforms. Ideally this will change over time,
2161
+
as the frame boundary <em>must</em> be one we can eventually consider robust.</p>
2162
2162
</ol>
2163
2163
<p>With this in mind, our general assumption will be that an origin gains access to any resource which
2164
-
it renders (including images, stylesheets, scripts, frames, etc).</p>
2164
+
it renders (including images, stylesheets, scripts, frames, etc). Likewise, embedded frames gain
2165
+
access to their ancestors' content.</p>
2165
2166
<pclass="issue" id="issue-340f57a5"><aclass="self-link" href="#issue-340f57a5"></a><adata-link-type="biblio" href="#biblio-coi-threat-model">[COI-THREAT-MODEL]</a> spells out more implications. Bring them in here for more nuance.</p>
0 commit comments