Open julien51 opened 10 years ago
Let's rather avoid conflicts using a SOP pattern. When the registration iframe is opened, we must check that the registered url matches the window.parent url's domain. If it does, then accept the subscription. If it does not, then, refuse it.
When 2 services register the same name, we should track and eventually blacklist any domain that's trying to hijack another service's name.