|
|
|
|
|
|
by hinkley
2111 days ago
|
|
|
We are moving by increments toward not letting content on a page send information directly to a separate origin. With content addressable networks, it would be a challenge to enforce this, which implies rolling back security improvements, which means security regression. For interactive content, at least part of the page has to have an origin. Maybe only the root document get an origin, and the rest gets none or the same? But then what happens with domain expiry? It may mean that interactive documents require a web server, even if the bulk of the page, or even a document tree, is stitched together from addressable content. |
|
|