undefined | Better HN

0 pointsfswd3y ago0 comments

https://developer.mozilla.org/en-US/docs/Web/HTML/Element#em...

0 comments

<portal> is an experiment/pet project pushed (and only implemented!) by one browser vendor, which as far as I know remains feature flagged.

It was shipped behind a flag with an initial implementation vulnerable to a same origin policy bypass as well as local file disclosure. As far as I can tell the only reason it wasn't assigned a Moz standards position of "harmful" is because Google argued "it's actually still a work in progress!" (three years ago).

Refs:

- https://research.securitum.com/security-analysis-of-portal-e...

- https://github.com/mozilla/standards-positions/issues/157

j / k navigate · click thread line to collapse

0 comments

lol7683y ago

<portal> is an experiment/pet project pushed (and only implemented!) by one browser vendor, which as far as I know remains feature flagged.

Refs:

- https://research.securitum.com/security-analysis-of-portal-e...

- https://github.com/mozilla/standards-positions/issues/157

j / k navigate · click thread line to collapse