W3C home > Mailing lists > Public > public-appformats@w3.org > December 2007

Re: comments on access control for cross-site requests - WSC member

From: Anne van Kesteren <annevk@opera.com>
Date: Wed, 19 Dec 2007 00:05:31 +0100
To: "Jonas Sicking" <jonas@sicking.cc>
Cc: "Doyle, Bill" <wdoyle@mitre.org>, "WAF WG (public)" <public-appformats@w3.org>
Message-ID: <op.t3jzrhxf64w2qv@annevk-t60.oslo.opera.com>

On Tue, 18 Dec 2007 23:20:29 +0100, Jonas Sicking <jonas@sicking.cc> wrote:
> Actually, I'm not sure we should recommend this. I wouldn't be surprised  
> if the Referer-Root header will end up being used for other specs too in  
> the future. Especially given it's very generic name.
>
> If we really want servers to do this, maybe we should name the header  
> AC-Referer-root instead?
>
> The server could also simply not put any access-control headers or PIs  
> in any responses, that would have the same effect.

Agreed.


-- 
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>
Received on Tuesday, 18 December 2007 23:04:45 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:10:24 GMT