W3C home > Mailing lists > Public > public-appformats@w3.org > July 2007

Re: [ac] wildcard rules and subdomains

From: Thomas Roessler <tlr@w3.org>
Date: Fri, 6 Jul 2007 12:24:15 +0200
To: Jonas Sicking <jonas@sicking.cc>
Cc: Mark Nottingham <mnot@yahoo-inc.com>, "WAF WG (public)" <public-appformats@w3.org>
Message-ID: <20070706102414.GC6561@raktajino.does-not-exist.org>


On 2007-07-05 15:16:34 -0700, Jonas Sicking wrote:

> This is not the case in our spec, if the author misses adding
> example.com to Content-Access-Control: deny <*.evil.com> very bad
> things can happen.

I guess that demonstrates why the deny tag isn't that good an idea
in the first place.

-- 
Thomas Roessler, W3C  <tlr@w3.org>

Received on Friday, 6 July 2007 10:24:22 GMT

This message: [ Message body ]
Next message: Arthur Barstow: "[ac] Comments from the TAG"
Previous message: Jonas Sicking: "Re: [ac] wildcard rules and subdomains"
In reply to: Jonas Sicking: "Re: [ac] wildcard rules and subdomains"
Next in thread: Jonas Sicking: "Re: [ac] wildcard rules and subdomains"
Reply: Jonas Sicking: "Re: [ac] wildcard rules and subdomains"

Mail actions: [ respond to this message ] [ mail a new topic ]
Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
Help: [ How to use the archives ] [ Search in the archives ]

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:10:22 GMT