undefined | Better HN

0 pointslxgr1y ago0 comments

That's assuming there's still a dev around that has knowledge of, or even access to, the source code of a given webapp depending on the legacy functionality.

0 comments

plufz1y ago

Sure. I just got a vibe from this thread that breaking security changes in the browser is a totally unknown phenomenon, but we had changes to behavior from other origin headers, demanding ssl and changes to cookies. Somehow we survived. ;)

lxgrOP1y ago

A lot of people did complain very loudly about enforcing SSL, and it took decades to get here. Same for cookies.

So yes, breaking changes for privacy/security reasons do happen, but they're very painful, and if there's a more secure alternative (in this case, still isolating communicating processes and providing communication via IPC, and providing an opt-out way of the legacy behavior), that's often the easier path.

j / k navigate · click thread line to collapse

0 comments

plufz1y ago

lxgrOP1y ago

A lot of people did complain very loudly about enforcing SSL, and it took decades to get here. Same for cookies.

j / k navigate · click thread line to collapse