W3C home > Mailing lists > Public > public-webappsec@w3.org > February 2013

[CORS] typos

From: Pellerin, Clement <Clement_Pellerin@ibi.com>
Date: Thu, 14 Feb 2013 15:41:29 -0500
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <9892EC6224DBC54598164D1F77721D755F90B866F7@IBIUSMBSB.ibi.com>
Simple typos found in
Cross-Origin Resource Sharing
W3C Candidate Recommendation 29 January 2013

>> Some terminology in this specification is from The Web Origin ConceptHTM=
L,HTTP and URI
missing comma after Concept

>> 10.If each of the header field-names is a simple header and none is Cont=
ent-Type, than this step may be skipped
than should be spelled then

>> Since the list of headers can be unbounded simply returning headers can =
be enough
the variable "headers" has not been defined.
We have "header field-names"
We also have "list of headers"
but we never defined "headers".

>> If resources are set up like this attackers would effectively have to be=
 on the list of origins to do harm.
Missing comma after "this".
Received on Thursday, 14 February 2013 22:29:10 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 14 February 2013 22:29:11 GMT