W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2010

Re: CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call]

From: Maciej Stachowiak <mjs@apple.com>
Date: Mon, 19 Apr 2010 00:26:22 -0700
Cc: Tyler Close <tyler.close@gmail.com>, Arthur Barstow <Art.Barstow@nokia.com>, ext Anne van Kesteren <annevk@opera.com>, public-webapps <public-webapps@w3.org>
Message-id: <561F7AFD-F98E-4B5E-A49F-EF9D9A6F945C@apple.com>
To: Julian Reschke <julian.reschke@gmx.de>

On Apr 18, 2010, at 4:48 AM, Julian Reschke wrote:

>
> In general, whitelists are bad because they close extension points.  
> Please consider using a black list instead.
>

But blacklists are worse for security, and security is the prime  
consideration here.

Regards,
Maciej
Received on Monday, 19 April 2010 07:26:59 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:38 GMT