Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add information about scope of policy to the Introduction #32

Closed
alvestrand opened this issue Aug 10, 2016 · 2 comments
Closed

Add information about scope of policy to the Introduction #32

alvestrand opened this issue Aug 10, 2016 · 2 comments

Comments

@alvestrand
Copy link

In the Introduction, the scope of a policy is left completely unclear. It's easy to read it and come to the conclusion that this stuff is about defining policies for the entire browser or browser session, akin to how a .pac file influences proxy policies.

It's clear from the later parts that this is not the intent; the policy is communicated on the response from which a Document object is initialized, and only affects objects within that Document's context (including, I assume, iframes within the Document).

This ought to be clear from the introduction.
@igrigorik
Copy link
Member

@alvestrand ptal at the explainer doc: https://docs.google.com/document/d/1k0Ua-ZWlM_PsFCFdLMa8kaVTo32PeNZ4G7FFHqpFx4E/edit. We haven't updated the spec to match what we're discussing there (simplifying to whitelist-only model), but I believe it should address what you're raising here.

@igrigorik
Copy link
Member

Closing, please refer to #43 for latest and greatest.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@igrigorik @alvestrand