- From: Anne van Kesteren <annevk@opera.com>
- Date: Sat, 24 May 2008 10:32:03 +0200
- To: "Adam Barth" <public-webapi@adambarth.com>
- Cc: "Sunava Dutta" <sunavad@windows.microsoft.com>, "public-webapi@w3.org" <public-webapi@w3.org>, "Gideon Cohn" <gidco@windows.microsoft.com>, "Ahmed Kamel" <Ahmed.Kamel@microsoft.com>, "Zhenbin Xu" <zhenbinx@windows.microsoft.com>, "Doug Stamper" <dstamper@exchange.microsoft.com>
On Tue, 13 May 2008 07:42:59 +0200, Adam Barth <public-webapi@adambarth.com> wrote: > One option is to rename the header "Sec-Origin", which is already > blocked in XHR Level 1. True, but I think Access-Control-Origin is better as it more clearly indicates what it is related to. And since we can safely do it given that cross-site requests won't work for XMLHttpRequest until Access Control is implemented I think it's acceptable. -- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>
Received on Saturday, 24 May 2008 08:32:24 UTC