Historically, the CSS :visited selector has been a way for sites to query the user's history, by using getComputedStyle() or other techniques to walk through the user's history to figure out what sites the user has visited. This can be done quickly, and makes it possible not only to determine where the user has been on the web, but can also be used to guess a lot of information about a user's identity.
The HTML specification introduces a crossorigin attribute for images that, in combination with an appropriate CORS header, allows images defined by the <img> element loaded from foreign origins to be used in canvas as if they were being loaded from the current origin.
In HTML5, some HTML elements which provide support for CORS, such as <img> or <video>, have a crossorigin attribute (crossOrigin property), which lets you configure the CORS requests for the element's fetched data. These attributes are enumerated, and have the following possible values:
This function is used in Persona to cause the browser to reset the automatic / persistent login flag for a website. After being called, the user will need to explicitly log back into your site instead of being signed in automatically.
This function enables a web site to use Persona to authenticate its users. It must be invoked from within a click handler. For example, you should call it when a user clicks your "log in with Persona" button.
The BrowserID protocol defines a new id property on the window.navigator object, through which it exposes the BrowserID API, that is the IdentityManager intreface. This API has gone through several significant revisions. Each generation is listed separately below.