Hacker Timesnew | past | comments | ask | show | jobs | submitlogin

The solution is simple but ugly:

A root domain www.example.com can utilize upto 10MB of storage while sub-domains count towards that storage limit. Any domain trying to access more will automatically result in a user prompt. An exemption can be made for domains/subdomains that present a valid SSL certificate, the whole idea is to prevent abuse.



How would that work if the malicious page used IP addresses instead of hostnames? Then it's only a matter of how many IP addresses the author can use.


Being that IPv4 addresses are something that's having a bit of a shortage these days, it's not at the top of the list of things to worry about.

That said, if you're one of the few that has IPv6 access, this could turn in to an issue pretty quick.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: