W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2009

Re: HTTPbis and the Same Origin Policy

From: Adam Barth <w3c@adambarth.com>
Date: Mon, 30 Nov 2009 23:19:05 -0800
Message-ID: <7789133a0911302319q7e437adem4a62980bff58285d@mail.gmail.com>
To: Martin J. Dürst <duerst@it.aoyama.ac.jp>
Cc: Tyler Close <tyler.close@gmail.com>, Julian Reschke <julian.reschke@gmx.de>, HTTP Working Group <ietf-http-wg@w3.org>
On Mon, Nov 30, 2009 at 8:28 PM, "Martin J. Dürst"
<duerst@it.aoyama.ac.jp> wrote:
> On the other hand, if I write (e.g. using libcurl or whatever) a "webbot"
> that periodically checks the balance on one of my bank accounts and
> transfers money from another bank account of mine if the balance on the
> first bank account is low, then I don't see why anybody would want to forbid
> this.

As a point of amusement, I recently co-wrote a "stylebot" for the
WebKit project that violates the same-origin policy in precisely this
way (by shuffling data between a Bugzilla instance and another web
service).

Adam
Received on Tuesday, 1 December 2009 07:20:06 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:13 GMT