File tree Expand file tree Collapse file tree 1 file changed +14
-0
lines changed Expand file tree Collapse file tree 1 file changed +14
-0
lines changed Original file line number Diff line number Diff line change @@ -13495,6 +13495,20 @@ agents in referencing specifications be linked to the
1349513495</blockquote>
1349613496
1349713497
13498+ <h2 id="priv-sec">Privacy and Security Considerations</h2>
13499+
13500+ This specification defines a conversion layer between JavaScript and IDL values. An incorrect
13501+ implementation of this layer can lead to security issues.
13502+
13503+ This specification also provides the ability to use JavaScript values directly, through the
13504+ {{any}} and {{object}} IDL types. These values need to be handled carefully to avoid security
13505+ issues. In particular, user script can run in response to nearly any manipulation of these values,
13506+ and invalidate the expectations of specifications or implementations using them.
13507+
13508+ This specification makes it possible to interact with {{SharedArrayBuffer}} objects, which can be
13509+ used to build timing attacks. Specifications that use these objects need to consider such attacks.
13510+
13511+
1349813512<h2 id="acknowledgements">Acknowledgements</h2>
1349913513
1350013514<i>This section is informative.</i>
You can’t perform that action at this time.
0 commit comments