The Web Application Security Working Group has published a Working Draft of Confinement with Origin Web Labels. This specification defines an API for specifying privacy and integrity policies on data, in the form of origin labels, and a mechanism for confining code according to such policies. This allows Web application authors and server operators to share data with untrusted—buggy but not malicious—code (e.g., in a mashup scenario) yet impose restrictions on how the code can share the data further.
by Maria Auday via W3C News
No comments:
Post a Comment