[tahoe-dev] new project
David-Sarah Hopwood
david-sarah at jacaranda.org
Wed Sep 5 03:40:22 UTC 2012
On 04/09/12 23:34, Brian Warner wrote:
> On 8/18/12 3:29 PM, Nathan wrote:
>>
>> Perhaps one of the "smoothest" user experiences for that particular
>> use case is to have a tahoe-lafs gateway embedded in the browser as a
>> plugin or extension. The html payload I send Alice, when opened, will
>> say "You need the Tahoe-LAFS plugin/extension/add-on to view this
>> page".
>
>> Furthermore, the same-origin issue *may* be addressable by an
>> extension.
>
> For sure. Extensions can do anything.
Well, not really. They can't fix security flaws without patching the
browser code, which is sort-of technically possible, but impractically
fragile. Fortunately, HTML5 sandbox addresses the same-origin issues at
least to the extent of being able to reliably create frames that have
their own unique origin.
--
David-Sarah Hopwood ⚥
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
URL: <http://tahoe-lafs.org/pipermail/tahoe-dev/attachments/20120905/d5c923c9/attachment.pgp>
More information about the tahoe-dev
mailing list