Ah, thanks; I missed that. See also: <http://wiki.mozilla.org/Cross_Site_XMLHttpRequest> On 2007/09/06, at 8:34 PM, Anne van Kesteren wrote: > On Thu, 06 Sep 2007 06:15:08 +0200, Mark Nottingham <mnot@yahoo- > inc.com> wrote: >> AFAICT this hasn't been discussed here. >> >> In a nutshell, the purpose is to allow browsers to send scripted >> requests (e.g., JavaScript XmlHttpRequest) to sites other than >> that which generated the content it resides in; i.e., a "cross- >> site" request. >> >> Note the definition of new headers, as well as the "security >> check" request preceding non-GET/POST methods (recent discussion >> indicates this may be pared down to just GET). >> >> See also <http://www.w3.org/TR/access-control/>. > > The proposal from Ian Hickson has been incorperated in a draft for > XMLHttpRequest level 2. It probably makes more sense to review that: > > http://dev.w3.org/2006/webapi/XMLHttpRequest-2/Overview.html > http://dev.w3.org/2006/waf/access-control/Overview.html > > > -- > Anne van Kesteren > <http://annevankesteren.nl/> > <http://www.opera.com/> -- Mark Nottingham mnot@yahoo-inc.comReceived on Thursday, 6 September 2007 12:03:45 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:38:28 GMT