Security & Privacy section must be made normative to avoid interoperability issues related to cross-origin API access, exposure of powerful features only to secure context, etc.
Currently, browsers implement cross-origin access to the API differently:
Security & Privacy section must be made normative to avoid interoperability issues related to cross-origin API access, exposure of powerful features only to secure context, etc.
Currently, browsers implement cross-origin access to the API differently:
Cross-origin access is blocked in:
Cross-origin access is allowed in:
Proposal: