W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2009

Re: Do we need to rename the Origin header?

From: Anne van Kesteren <annevk@opera.com>
Date: Tue, 13 Jan 2009 16:31:50 +0100
To: "Jonas Sicking" <jonas@sicking.cc>, public-webapps@w3.org, "Maciej Stachowiak" <mjs@apple.com>, "Sam Weinig" <weinig@apple.com>, "Adam Barth" <w3c@adambarth.com>
Message-ID: <op.unpb3ce464w2qv@annevk-t60.oslo.opera.com>

On Tue, 13 Jan 2009 01:31:49 +0100, Jonas Sicking <jonas@sicking.cc> wrote:
> My suggestion is to rename "Origin" to "Access-Control-Request-Origin"
> or "Access-Control-Origin" if possible (depends on where current
> implementers are in their ship schedule), or that we request that the
> CSRF protection header be renamed to something other than "Origin".

I'm fine with renaming it to Access-Control-Request-Origin as far as the  
Access Control draft is concerned.

Maciej, Sam, Adam?

Anne van Kesteren
Received on Tuesday, 13 January 2009 15:32:59 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:13 UTC