W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2011

[Bug 14700] New: Point out that Access-Control-Allow-Origin:* is safe for servers not behind a firewall

From: <bugzilla@jessica.w3.org>
Date: Sat, 05 Nov 2011 16:48:25 +0000
To: public-webappsec@w3.org
Message-ID: <bug-14700-4874@http.www.w3.org/Bugs/Public/>
http://www.w3.org/Bugs/Public/show_bug.cgi?id=14700

           Summary: Point out that Access-Control-Allow-Origin:* is safe
                    for servers not behind a firewall
           Product: WebAppsSec
           Version: unspecified
          Platform: PC
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: CORS
        AssignedTo: annevk@opera.com
        ReportedBy: annevk@opera.com
         QAContact: dave.null@w3.org
                CC: mike@w3.org, public-webappsec@w3.org


In the eventual "How to use CORS" section point out that you can use
Access-Control-Allow-Origin:* safely on servers not behind a firewall.

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
Received on Saturday, 5 November 2011 16:48:31 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Saturday, 5 November 2011 16:48:31 GMT