Be more verbose about SOP issue.

[Imported from Trac: page GSoCIdeas2010, version 17]
2009-03-16 22:30:04 +00:00 · 2009-03-16 22:30:04 +00:00 · 28015af69a
parent ed47cd6f3d
commit 28015af69a
1 changed files with 1 additions and 1 deletions
--- a/GSoCIdeas2010.md
+++ b/GSoCIdeas2010.md
@ -14,7 +14,7 @@ What could a smart student do in one summer, if they didn't need to worry about
   * An interactive tree browser web frontend.
   * A blog-like app (perhaps addressing tiddly wishlist items)
   * Port another light-weight server open source web app to Tahoe+javascript (calendar, photo album)
- * Fix Same-Origin-Policy design issue (these need careful design review and consideration!):
+ * Fix Same-Origin-Policy design issue.  Web content from different authors can interact in unintended ways in the victims browser, such as [JavaScript](JavaScript) iterating over open windows, or peeking at a referrer header.  Before this project is undertaken, the problem description and proposed solutions need careful design review and consideration!  The solutions should be considered prototypes and should be backwards compatible with the Tahoe network.
   * Domain Mangling approaches:
     * HTTP proxy approach
     * Special scheme handling in browser add-ons