- From: Jonas Sicking <jonas@sicking.cc>
- Date: Fri, 06 Jul 2007 10:23:10 -0700
- To: Jonas Sicking <jonas@sicking.cc>, Mark Nottingham <mnot@yahoo-inc.com>, "WAF WG (public)" <public-appformats@w3.org>
Thomas Roessler wrote: > On 2007-07-05 15:16:34 -0700, Jonas Sicking wrote: > >> This is not the case in our spec, if the author misses adding >> example.com to Content-Access-Control: deny <*.evil.com> very bad >> things can happen. > > I guess that demonstrates why the deny tag isn't that good an idea > in the first place. sigh, keeping saying that without coming up with an alternative seems very unproductive. / Jonas
Received on Friday, 6 July 2007 17:23:18 UTC