On Wed, 01 Aug 2007 01:01:55 +0200, Jonas Sicking <jonas@sicking.cc> wrote: > In the implementation I've written, the decision weather to check access > control headers is done by comparing the final uri with the requesting > uri. So if you're redirected back to the original server no > access-control check is done. Ok, I've integrated this now in the XMLHttpRequest level 2 draft (support for cross-site XMLHttpRequest). I've not yet included Referer-Root: http://dev.w3.org/2006/webapi/XMLHttpRequest-2/Overview.html -- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>Received on Monday, 6 August 2007 13:32:07 UTC
This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:16:24 UTC