Re: HTTPbis and the Same Origin Policy

On Wed, Nov 25, 2009 at 12:26 PM, Adam Barth <w3c@adambarth.com> wrote:
> On Wed, Nov 25, 2009 at 9:27 AM, Tyler Close <tyler.close@gmail.com> wrote:
>> On Wed, Nov 25, 2009 at 7:50 AM, Julian Reschke <julian.reschke@gmx.de> wrote:
>>> That being said, defining this in a spec probably *is* a good idea. Did you
>>> just volunteer? Note that to produce a spec you actual IETF WG is required.
>>
>> ;) No, I wasn't trying to throw myself on that grenade. ;) Not yet at
>> least. Documenting SOP is a *big* task. I understand why it makes you
>> worry about slipping deadlines. So, should the charter be revised to
>> exclude the primary security policy that governs use of HTTP? ;)
>
> The same-origin policy is defined here:
>
> http://tools.ietf.org/html/draft-abarth-origin

Actually, that draft is out of date.  I've just uploaded a new draft,
which I've also attached to this message.

Adam

Received on Wednesday, 25 November 2009 20:30:57 UTC