diff options
Diffstat (limited to 'chromium/docs/security/side-channel-threat-model.md')
-rw-r--r-- | chromium/docs/security/side-channel-threat-model.md | 6 |
1 files changed, 1 insertions, 5 deletions
diff --git a/chromium/docs/security/side-channel-threat-model.md b/chromium/docs/security/side-channel-threat-model.md index 888baad3ce9..afe54be4fe1 100644 --- a/chromium/docs/security/side-channel-threat-model.md +++ b/chromium/docs/security/side-channel-threat-model.md @@ -208,11 +208,7 @@ tracked this as [Issue ###### Flash Click To Play greatly reduces the risk that Flash-borne Spectre (and other) -exploits will be effective at scale. Additionally, the enterprise policies -[PluginsBlockedForUrls](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=PluginsBlockedForUrls) -and -[PluginsAllowedForUrls](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=PluginsAllowedForUrls) -can be combined to restrict Flash to specific websites. +exploits will be effective at scale. Even so, [we might want to consider teaching CORB about Flash flavour of CORS](https://crbug.com/816318). |