W3C home > Mailing lists > Public > public-webapi@w3.org > September 2007

Re: XHR: definition of same-origin

From: Boris Zbarsky <bzbarsky@MIT.EDU>
Date: Wed, 26 Sep 2007 22:48:36 -0500
Message-ID: <46FB2814.1070008@mit.edu>
To: "Hallvord R. M. Steen" <hallvord@opera.com>
CC: Maciej Stachowiak <mjs@apple.com>, Anne van Kesteren <annevk@opera.com>, "Web API WG (public)" <public-webapi@w3.org> 

Hallvord R. M. Steen wrote:
>> Note that document.domain (when set by both source and target frame) 
>> also lets you ignore port and protocol differences, which once again 
>> is not desirable for XHR.
> 
> I know we ignore port differences but I don't think we ignore protocol. 

That's Gecko's behavior as well: the document.domain value overrides the 
host and port of the URI, but does not change the scheme.

-Boris
Received on Thursday, 27 September 2007 03:49:34 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:58 GMT