RE: Reminder: Conference call: SOR and CORS vs. From Origin

Hi Erik,

Please see http://annevankesteren.nl/2011/02/from-origin for details about the original "From Origin" header proposal.

Regards,
Vlad


From: Erik van Blokland [mailto:letterror@gmail.com] On Behalf Of Erik van Blokland
Sent: Wednesday, February 16, 2011 9:44 AM
To: Levantovsky, Vladimir
Cc: public-webfonts-wg@w3.org
Subject: Re: Reminder: Conference call: SOR and CORS vs. From Origin


On 16 feb 2011, at 02:27, Levantovsky, Vladimir wrote:


As we discussed and agreed at the last telcon, we will dedicate our next conf. call on Feb. 16 to same-origin restriction and two alternative ways to relax the restriction: CORS and From Origin header.

Would it be possible for someone to post a brief summary of what the from-origin proposal is? I read through the conversation several times, but I might be missing something.

Who is sending which header to whom?
What is the default?  fiddle to deny? fiddle to allow?
Who has to do the fiddling to make it do something else than the default?
How much work has to be done to make the From Origin work? By whom?

Thanks!

Erik

Received on Wednesday, 16 February 2011 14:49:58 UTC