So I don't know where to put this, but I think there's going to need to be a content loading API for browsers. With how the web currently works, we have content for one site loaded from all over the place. We're gonna need a CSP style loading API with a signing system that allows fine grained controls of what loads from where with content validation. If not, a malicious attacker could pop a content repo and swap content that could cause harm to users.
This is probably going to require a new API, but frankly, it relates to immersive as this is when it's going to come in to the "oh god why is there a car coming at me, I better swerve" crash "wait, there was a car, what the fuck?" territory.
So I don't know where to put this, but I think there's going to need to be a content loading API for browsers. With how the web currently works, we have content for one site loaded from all over the place. We're gonna need a CSP style loading API with a signing system that allows fine grained controls of what loads from where with content validation. If not, a malicious attacker could pop a content repo and swap content that could cause harm to users.
This is probably going to require a new API, but frankly, it relates to immersive as this is when it's going to come in to the "oh god why is there a car coming at me, I better swerve" crash "wait, there was a car, what the fuck?" territory.