W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2010

Re: User confirmation and 307 redirects

From: Adam Barth <ietf@adambarth.com>
Date: Thu, 19 Aug 2010 14:10:48 -0700
Message-ID: <AANLkTi=Hj0dKo3aM_nHvZMwu_f-gvP_Mw3Ptu8=hTMRu@mail.gmail.com>
To: "Roy T. Fielding" <fielding@gbiv.com>
Cc: Julian Reschke <julian.reschke@gmx.de>, httpbis <ietf-http-wg@w3.org>, Maciej Stachowiak <mjs@apple.com>
On Thu, Aug 19, 2010 at 2:06 PM, Roy T. Fielding <fielding@gbiv.com> wrote:
> It isn't a feature.  It is a security constraint.  The fact that some
> browsers have security holes is well known.

It's completely ineffective as a security mechanism.  At best, all it
could do is result in blame-the-user security, which isn't security at

Received on Thursday, 19 August 2010 21:11:45 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:13:48 UTC