Re: Comments on: Access Control for Cross-site Requests

On Fri, 21 Dec 2007 23:10:33 +0100, Ian Hickson <> wrote:
>> The other issues you raise seem more like social ones. I think it makes
>> sense to reach out to the Apache developers to get their opinion on this
>> decision before going with the much more complicated design.
> I'll leave that decision up to the spec's editor; I just wanted to  
> provide numbers to back up the earlier claim I made.

I think the model is ok as it is now. It ties in with existing authoring  
practices (no need to learn a lot of things) and doesn't require an update  
of your server before you can use it. Given that a lot of authors really  
want this feature I'm quite convinced that clients (as in, Web browsers)  
will deploy releases with this implemented pretty quickly and therefore it  
will become usable in a few years. If that does not happen we can  

Anne van Kesteren

Received on Saturday, 22 December 2007 09:27:42 UTC