- From: Maciej Stachowiak <mjs@apple.com>
- Date: Tue, 28 Aug 2007 20:04:24 -0700
- To: "Web API WG (public)" <public-webapi@w3.org>
The XHR spec doesn't define same-origin. We had a webkit bug filed differently where we apparently interpreted same-origin differently than IE or Firefox: <http://bugs.webkit.org/show_bug.cgi?id=15100> In particular, we would not consider https://example.com:443/ to be the same origin as https://example.com/. Since this affects interoperability as well as security I would suggest adding a definition, unless the spec expected to define same- origin is going to happen soon. Regards, Maciej
Received on Wednesday, 29 August 2007 03:04:35 UTC