W3C home > Mailing lists > Public > public-web-security@w3.org > June 2010

fyi: I-D Action:draft-abarth-origin-07.txt

From: =JeffH <Jeff.Hodges@KingsMountain.com>
Date: Wed, 09 Jun 2010 10:20:44 -0700
Message-ID: <4C0FCD6C.8040900@KingsMountain.com>
To: W3C Web Security Interest Group <public-web-security@w3.org>
draft-abarth-origin is once again a current I-D.



Subject: I-D Action:draft-abarth-origin-07.txt
From: Internet-Drafts@ietf.org
Date: Tue,  8 Jun 2010 20:00:02 -0700 (PDT)
To: i-d-announce@ietf.org

A New Internet-Draft is available from the on-line Internet-Drafts directories.

	Title           : The Web Origin Concept
	Author(s)       : A. Barth, et al.
	Filename        : draft-abarth-origin-07.txt
	Pages           : 14
	Date            : 2010-06-08

This document defines the concept of an "origin," which is used by
web browsers to isolate content retrieved from different parties.
The origin concept is defined by a "same-origin" relation and a
serialization algorithm.  This document also defines an HTTP Origin
header, which a user agent can use to describe the security contexts
that caused the user agent to initiate an HTTP request.  HTTP servers
can use the Origin header to mitigate against Cross-Site Request
Forgery (CSRF) vulnerabilities.

A URL for this Internet-Draft is:

Internet-Drafts are also available by anonymous FTP at:

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the

Received on Wednesday, 9 June 2010 17:21:14 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:26:17 UTC