We're planning to use Same-origin policy to prevent this. It was first brought u... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		diggan on Oct 23, 2016 \| parent \| context \| favorite \| on: IPFS is the Distributed Web We're planning to use Same-origin policy to prevent this. It was first brought up here: https://github.com/ipfs/go-ipfs/issues/651 You can read more about same-origin policy here: https://developer.mozilla.org/en-US/docs/Web/Security/Same-o...

0xcde4c3db on Oct 23, 2016 [–]

Putting a hash in the hostname/domain would also be using same-origin policy. The issue you linked refers to using suborigins, which seems to still be a draft proposal with no implementer buy-in outside of Chromium [1].

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=1231225

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact