W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2009

Re: Comments on the HTTP Sec-From Header (draft-abarth-origin)

From: Adam Barth <w3c@adambarth.com>
Date: Wed, 22 Jul 2009 19:21:41 -0700
Message-ID: <7789133a0907221921v2e881c32sf1bf967845ef1d2a@mail.gmail.com>
To: Mark Nottingham <mnot@mnot.net>
Cc: Anne van Kesteren <annevk@opera.com>, Ian Hickson <ian@hixie.ch>, "collinj@cs.stanford.edu" <collinj@cs.stanford.edu>, HTTP Working Group <ietf-http-wg@w3.org>
Anne,

I wonder if this syntax would work for CORS too?  We can take the
discussion to web-apps if you like, but the idea is if you get a
redirect (e.g., of a DELETE), then you can add a second Origin header
to the request instead of modifying the existing header.

Adam


On Wed, Jul 22, 2009 at 6:35 PM, Mark Nottingham<mnot@mnot.net> wrote:
> If the contents can't contain a comma by definition, and you're relatively
> sure that they'll be generated correctly, omitting quotes should be fine.
>
>
> On 22/07/2009, at 11:58 PM, Anne van Kesteren wrote:
>
>> On Mon, 13 Jul 2009 01:45:43 +0200, Mark Nottingham <mnot@mnot.net> wrote:
>>>
>>> It's necessary because a URL can contain a comma.
>>
>> FYI: Sec-From does not take a URL.
>>
>>
>> --
>> Anne van Kesteren
>> http://annevankesteren.nl/
>
>
> --
> Mark Nottingham     http://www.mnot.net/
>
>
Received on Thursday, 23 July 2009 02:22:42 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:08 GMT