| 20:10 | <Domenic> | annevk: your review on https://github.com/domenic/origin-isolation would be much appreciated :). |
| 20:11 | <Domenic> | Wanted to get that out there to start discussion before I turn to updating and specifying origin policy itself. |
| 20:31 | <annevk> | Domenic: guess main thing I wonder about is why we’d allow a single origin to be keyed in multiple ways |
| 20:34 | <annevk> | Domenic: being same-origin but also isolated seems painful |
| 20:36 | <annevk> | Domenic: being better about WindowProxy and Location doing messaging and being isolated by origins and agent clusters would also be nice, though arguably a separate effort |
| 20:37 | <annevk> | Anyway, overall this looks pretty principled and worth doing to me, thanks for writing it up |
| 20:46 | <Domenic> | annevk: hmm so you are talking about the case "Example: https://example.com/ was loaded with origin isolation, and embeds an iframe for https://example.com/ which loads with origin isolation", right? Yeah hmm that is a bit wacky... |
| 20:51 | <annevk> | Domenic: where the first is without |
| 20:51 | <Domenic> | Right, sorry, yeah, misquoted |
| 20:52 | <Domenic> | Yeah, I was going to file an issue, but no, I'll just fix it, that's wack |
| 20:52 | <Domenic> | Thanks for catching :) |