Hi Anne, Can you please change 'example.com' to 'server-a.com' and 'hello-world.invalid' to 'server-b.com' throughout the spec. I think that would make the spec a tad easier to follow. Also, minor mistake in one of the examples (.com.com): client.open("GET", "http://example.com.com/hello") Kind regards, Marcos On 2/16/08, Anne van Kesteren <annevk@opera.com> wrote: > > Hi all, > > The WAF WG published a new snapshot of the editor's draft of Access > Control for Cross-site Requests yesterday in the W3C Technical Report > space. It includes recent HTTP header name changes and incorporates a new > proposal for limiting the amount of requests in case of non-GET methods to > various different URIs which share the same origin. > > In addition to those technical changes it also makes the (until now) > implicit requirements and use cases explicit by listing them in an > appendix and contains a short FAQ on design decisions. > > http://www.w3.org/TR/2008/WD-access-control-20080214/ > > We expect the next draft to go to Last Call so hereby we're soliciting > input, once again, from the Forms WG, HTML WG, HTTP WG, TAG, Web API WG, > and Web Security Context WG. (All on the "bcc list" so we don't get > massive cross-list e-mailing.) > > We appreciate input from anyone however, so feel free to forward or reply > to this e-mail as you see fit. > > Kind regards, > > > -- > Anne van Kesteren > <http://annevankesteren.nl/> > <http://www.opera.com/> > > -- Marcos Caceres http://datadriven.com.auReceived on Monday, 18 February 2008 02:09:34 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 18 February 2008 02:09:35 GMT