[x3d-public] Encrypted Content

Herbert Stocker herbert.stocker at bitmanagement.com
Mon Jul 18 07:10:39 PDT 2016


Hi all,

i guess the point about file:// does not mean that reading the local 
disk should be in an encrypted form. Or disabled per se.
i guess it means that if the content arrives via https:// then 
referencing assets like Inlines or textures via file:// is
disabled for security reasons. Am i right?

However i think that is just good old same-origin-policy. No content 
coming from a web server should be able to
reference stuff on the hard disk. Although for in house demos (web 
server inside the intranet) this may be feasible.

/Herbert/

//


On 15.07.2016 20:13, Leonard Daly wrote:
>
> There is a very heated discussion going on in the web-vr list 
> concerning the WebVR specification. The browsers companies (at least 
> Google and Mozilla) are considering making this capability require 
> that the content arrived over HTTPS. This seems (to me) to be part of 
> a much larger push to require all content be encrypted.
>
> My point is not to get in a discussion here about the merits of this 
> idea, but to provide preliminary notice that all Web3D content is 
> going to need to support HTTPS at the same Profile, Component/Level as 
> HTTP protocol is supported. It may even be the case that FILE:// won't 
> work or will require a configuration setting change in the browser.
>
>
> -- 
> *Leonard Daly*
> 3D Systems & Cloud Consultant
> X3D Co-Chair on Sabbatical
> LA ACM SIGGRAPH Chair
> President, Daly Realism - /Creating the Future/
>
>
> _______________________________________________
> x3d-public mailing list
> x3d-public at web3d.org
> http://web3d.org/mailman/listinfo/x3d-public_web3d.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://web3d.org/pipermail/x3d-public_web3d.org/attachments/20160718/74b5e80f/attachment.html>


More information about the x3d-public mailing list