On Tue, Apr 7, 2009 at 10:24 AM, Bil Corry <bil@corry.biz> wrote: > How set in stone is Origin within CORS? I don't think we want to impede CORS with these issues. CORS is quite close to shipping in a number of implementations. I certainly don't want to hold it hostage. > The ideal scenario would be to merge all the various proposed Origin specifications into one that is well thought out and handles the bulk of the use cases. Given infinite time, I agree. However, there is tremendous value in shipping CORS sooner rather than later. > At this point, I'm aware of four Origin descriptions, are there any others? > > CORS: http://www.w3.org/TR/cors/#origin-header > HTML5: http://www.whatwg.org/specs/web-apps/current-work/multipage/history.html#navigate-fragid-step > Barth: http://www.ietf.org/internet-drafts/draft-abarth-origin-00.txt These two, at least, are the same. We separated the XXX-Origin bit from the HTML 5 spec because folks from the IETF were interested in reviewing it separately from HTML 5. > Moz: https://wiki.mozilla.org/Security/Origin AdamReceived on Tuesday, 7 April 2009 21:37:47 GMT
This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:31 GMT