W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2010

Re: Same Origin Policy and HTTP Authentication

From: Anne van Kesteren <annevk@opera.com>
Date: Tue, 07 Dec 2010 11:09:03 +0100
To: "Chirag Shah" <chiragshah1@gmail.com>, "Mark Nottingham" <mnot@mnot.net>
Cc: ietf-http-wg@w3.org
Message-ID: <op.vnb85crl64w2qv@anne-van-kesterens-macbook-pro.local>
On Tue, 07 Dec 2010 00:53:35 +0100, Mark Nottingham <mnot@mnot.net> wrote:
> Although there are a number of places that might be appropriate for this  
> discussion, it might actually be most helpful for you to give this as  
> feedback to the W3C CORS specification:
>   http://www.w3.org/TR/cors/
> ... as they're discussing what is effectively a policy mechanism for  
> cross-site requests.

Actually, no. It is for new types of cross-origin requests that are not  
possible today.

Anne van Kesteren
Received on Tuesday, 7 December 2010 10:09:46 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:33 GMT