W3C home > Mailing lists > Public > whatwg@whatwg.org > June 2008

[whatwg] Proposal for cross domain security framework

From: Frode Børli <frode@seria.no>
Date: Fri, 20 Jun 2008 21:18:52 +0200
Message-ID: <31fb000f0806201218t27b87388x920a89843dd4a558@mail.gmail.com>
> Web applications could still easily ported from one system to the
> other, because the file would be processed transparently.
>
> The only problem I see is getting the allowed domains right, the
> xsocket file can point to. On the one hand, you may want a dedicated
> machine for the persistent connections if you run a very popular
> service and anticipate many connections at once. On the other hand,
> you don't want an evil site getting access to your service using their
> own xsocket file.

All servers that can accept connections must have a xsocket file.

The only way around this that I see is my reverse DNS proposal...

-- 
Best regards / Med vennlig hilsen
Frode B?rli
Seria.no

Mobile:
+47 406 16 637
Company:
+47 216 90 000
Fax:
+47 216 91 000


Think about the environment. Do not print this e-mail unless you really need to.

Tenk milj?. Ikke skriv ut denne e-posten dersom det ikke er n?dvendig.
Received on Friday, 20 June 2008 12:18:52 UTC

This archive was generated by hypermail 2.3.1 : Monday, 13 April 2015 23:08:41 UTC