W3C home > Mailing lists > Public > public-webapi@w3.org > September 2007

Re: XHR: definition of same-origin

From: Anne van Kesteren <annevk@opera.com>
Date: Tue, 25 Sep 2007 14:52:17 +0200
To: "Web API WG (public)" <public-webapi@w3.org>
Message-ID: <op.ty7ndfjt64w2qv@annevk-t60.oslo.opera.com>

On Sat, 22 Sep 2007 05:28:13 +0200, Maciej Stachowiak <mjs@apple.com>  
> On Sep 21, 2007, at 3:34 AM, Anne van Kesteren wrote:
>> I think HTML5 needs to define this as my understanding is that  
>> document.domain is also relevant in deciding whether or not a request  
>> is same-origin. I'm not sure if that's happening soon though.
> I don't think document.domain would apply when determining same origin  
> for XMLHttpRequest.

Thanks Boris, Jonas and Maciej for your replies.


defines same-origin for two URIs and is used in


It would be nice to get some implementation feedback on what to do about  
data:, javascript: etc.

Anne van Kesteren
Received on Tuesday, 25 September 2007 12:52:31 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:16:24 UTC