ticket #615

[Imported from Trac: page GSoCIdeas2010, version 35]
2009-03-17 02:27:29 +00:00 · 2009-03-17 02:27:29 +00:00 · ca0adadab5
parent 154cb60616
commit ca0adadab5
1 changed files with 1 additions and 1 deletions
--- a/GSoCIdeas2010.md
+++ b/GSoCIdeas2010.md
@ -14,7 +14,7 @@
 ## Deep Security Issues
 *Want to implement strong security features which advance the state of the art?  It isn't easy!  To tackle these you'll need to think carefully and to integrate security and usability, which are two halves of the same coin.  But you'll have excellent mentors and the support of a wide community of interested security hackers.*

- * Fix Same-Origin-Policy design issue.  Web content from different authors can interact in unintended ways in the victims browser, such as Javascript iterating over open windows, or peeking at a referrer header.  Before this project is undertaken, the problem description and proposed solutions need careful design review and consideration!  The solutions should be considered prototypes and should be backwards compatible with the Tahoe network.
+ * Fix Same-Origin-Policy design issue.  Web content from different authors can interact in unintended ways in the victims browser, such as Javascript iterating over open windows, or peeking at a referrer header.  Before this project is undertaken, the problem description and proposed solutions need careful design review and consideration!  The solutions should be considered prototypes and should be backwards compatible with the Tahoe network. tickets: #615 (Can [JavaScript](JavaScript) loaded from Tahoe access all your content which is loaded from Tahoe?)
   * Domain Mangling approaches:
     * HTTP proxy approach
     * Special scheme handling in browser add-ons