[Bug 7599] Either drop the two places that set the "Origin" HTTP header, or update HTML5 to match the Sec-From/Origin I-D (if the latter is stable enough yet). from bugzilla@wiggum.w3.org on 2009-09-22 (public-html-bugzilla@w3.org from September 2009)

From: <bugzilla@wiggum.w3.org>
Date: Tue, 22 Sep 2009 05:53:59 +0000
To: public-html-bugzilla@w3.org
Message-Id: <E1MpyK7-0000Zr-Ld@wiggum.w3.org>

http://www.w3.org/Bugs/Public/show_bug.cgi?id=7599


Adam Barth <w3c@adambarth.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |w3c@adambarth.com




--- Comment #1 from Adam Barth <w3c@adambarth.com>  2009-09-22 05:53:59 ---
It would be helpful to rename Origin to Sec-From and to incorporate the list of
privacy-sensitive contexts from this page:

https://wiki.mozilla.org/Security/Sec-From


-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Tuesday, 22 September 2009 05:54:16 UTC