Re: [dev] surf vertical and horizontal same-origin policy patch (updated, with profiling mitigation)

2015-01-24 Thread tautolog
Thanks for the reply, Christoph, = profiling = I view panopticlick as a theoretical demonstration of how many bits of entropy can leak, not a robust implementation that can properly test defenses against sophisticated profiling.  The panopticlick site cannot measure the noise-based approach. O

Re: [dev] [surf] http auth in webkit 2.4.7

2015-01-24 Thread Markus Teich
Christoph Lohmann wrote: > I am using the same webkit version and can’t confirm the bug. Please re‐ > port back with the sample page. Heyho Christoph, apparently the 'AuthType Basic' works. What's not working is LDAP-based group authentication. See the .htaccess file below. I also confirmed this

Re: [dev] surf vertical and horizontal same-origin policy patch (updated, with profiling mitigation)

2015-01-24 Thread tautolog
Ben   Original Message   From: Christoph Lohmann Sent: Friday, January 23, 2015 11:57 PM To: dev mail list Reply To: dev mail list Subject: Re: [dev] surf vertical and horizontal same-origin policy patch (updated, with profiling mitigation) Greetings. On Sat, 24 Jan 2015 08:49:50 +0100 Ben Woo