- From: Adam Barth <w3c@adambarth.com>
- Date: Mon, 23 Jun 2008 14:47:37 -0700
- To: "Jonas Sicking" <jonas@sicking.cc>
- Cc: "Web Applications Working Group WG" <public-webapps@w3.org>
On Mon, Jun 23, 2008 at 2:35 PM, Jonas Sicking <jonas@sicking.cc> wrote: > What I have seen suggestions for though is a simpler policy language that > doesn't send a full white-list to the client, but rather just a yes/no > decision to the client. If we go this route, we should be careful about caching of HTTP responses, especially for GET requests. We don't want clients to use cached "yes" responses without consulting the server. Adam
Received on Monday, 23 June 2008 21:48:13 UTC