W3C home > Mailing lists > Public > public-web-security@w3.org > July 2011

Resource Timing Timing-Allow-Origin header

From: Philippe Le Hegaret <plh@w3.org>
Date: Mon, 25 Jul 2011 11:13:37 -0400
To: public-web-security@w3.org
Message-ID: <1311606817.1459.853.camel@chacal>
This might be of interest for individuals here.

The Resource Timing specification defines an interface for web
applications to access timing information related to external resources
(such HTML images, videos, style sheets, scripts, etc.).

In order to allow access to timing information relation to cross-origin
resources, the specification introduces the following HTTP header:
[[
Timing-Allow-Origin Response Header

The Timing-Allow-Origin header indicates whether a resource's timing can
be shared based by returning the value of the Origin request header in
the response. ABNF:

  Timing-Allow-Origin = "Timing-Allow-Origin" ":" origin-list-or-null | "*"

    origin-list-or-null is defined by The HTTP Origin Header. [ORIGIN] 

]]
http://www.w3.org/TR/2011/WD-resource-timing-20110524/#cross-origin-resources

Feedback is welcome to public-web-perf@w3.org.

Philippe
Received on Monday, 25 July 2011 15:13:47 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 25 July 2011 15:13:48 GMT