W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2011

Re: [XHR2] Feedback on sec-* headers

From: Anne van Kesteren <annevk@opera.com>
Date: Tue, 22 Feb 2011 12:52:27 +0100
To: "Adam Barth" <w3c@adambarth.com>, "Mark Nottingham" <mnot@mnot.net>
Cc: public-webapps@w3.org
Message-ID: <op.vray9oqh64w2qv@anne-van-kesterens-macbook-pro.local>
On Tue, 22 Feb 2011 03:28:00 +0100, Mark Nottingham <mnot@mnot.net> wrote:
> The problems I brought up still stand, however. I think we need to have  
> a discussion about how much convenience the implementers really need  
> here, and also to look at the impact on the registration procedure for  
> HTTP headers.

This is not about convenience for implementors. This is about allowing  
specifications to introduce headers that cannot be spoofed via  
XMLHttpRequest.


-- 
Anne van Kesteren
http://annevankesteren.nl/
Received on Tuesday, 22 February 2011 11:53:21 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:43 GMT