W3C home > Mailing lists > Public > public-webapi@w3.org > September 2007

Re: XHR: definition of same-origin

From: Boris Zbarsky <bzbarsky@MIT.EDU>
Date: Wed, 26 Sep 2007 09:06:08 -0500
Message-ID: <46FA6750.1030805@mit.edu>
To: Anne van Kesteren <annevk@opera.com>
CC: Maciej Stachowiak <mjs@apple.com>, "Web API WG (public)" <public-webapi@w3.org>


Anne van Kesteren wrote:
> Yes. If I get all this stuff correctly a script could be running on 
> bar.com using the XMLHttpRequest from another frame which is on 
> foo.bar.com. Depending on which definition is used it can either access 
> bar.com or foo.bar.com content (but not both), right?

Basically, yes.

-Boris

Received on Wednesday, 26 September 2007 14:06:46 GMT

This message: [ Message body ]
Next message: Anne van Kesteren: "Re: XHR: definition of same-origin"
Previous message: Anne van Kesteren: "Re: XHR: definition of same-origin"
In reply to: Anne van Kesteren: "Re: XHR: definition of same-origin"
Next in thread: Anne van Kesteren: "Re: XHR: definition of same-origin"
Reply: Anne van Kesteren: "Re: XHR: definition of same-origin"

Mail actions: [ respond to this message ] [ mail a new topic ]
Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
Help: [ How to use the archives ] [ Search in the archives ]

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:58 GMT