W3C home > Mailing lists > Public > public-webapi@w3.org > October 2007

HTTP methods and security

From: Anne van Kesteren <annevk@opera.com>
Date: Tue, 16 Oct 2007 12:23:21 +0200
To: "Web API WG (public)" <public-webapi@w3.org>
Message-ID: <op.t0acg7cq64w2qv@annevk-t60.oslo.opera.com>


These are the documents for the HTTP methods that should not be allowed  
with XMLHttpRequest:

   TRACE   http://www.kb.cert.org/vuls/id/867593
   TRACK   http://www.kb.cert.org/vuls/id/288308
   CONNECT http://www.kb.cert.org/vuls/id/150227


-- 
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>

Received on Tuesday, 16 October 2007 10:23:20 GMT

This message: [ Message body ]
Next message: Charles McCathieNevile: "Re: Consensus Call Re: [XMLHttpRequest] Publishing another draft"
Previous message: Anne van Kesteren: "Re: Consensus Call Re: [XMLHttpRequest] Publishing another draft"
In reply to: Anne van Kesteren: "Re: Consensus Call Re: [XMLHttpRequest] Publishing another draft"
Next in thread: Julian Reschke: "Re: Consensus Call Re: [XMLHttpRequest] Publishing another draft"

Mail actions: [ respond to this message ] [ mail a new topic ]
Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
Help: [ How to use the archives ] [ Search in the archives ]

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:58 GMT