On Mon, 29 Sep 2008 19:47:49 +0200, Jonas Sicking <jonas@sicking.cc> wrote: > What says that an origin is not a URI? Sure, many URIs deny access, > but it looks to me like they are still subsets of URIs. If we say that > they are not URIs, why not go all out and invent a new syntax, such as > > http.org.example.www:80 > > to allow the site http://www.example.org? This would reduce confusion > around them being URIs. > > However I think it would be better to keep them as URIs, while saying > that if there is a path, or if the URI is not same-origin as the > Origin header then deny access. I decided not to change this as HTML5 WebSocket is not doing this either. I did forward your comment: http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2008-September/016358.html http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2008-October/016550.html -- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>Received on Monday, 6 October 2008 13:52:18 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:01 GMT