- From: Marcos Caceres <marcosscaceres@gmail.com>
- Date: Mon, 18 Feb 2008 13:09:18 +1100
- To: "Anne van Kesteren" <annevk@opera.com>
- Cc: "WAF WG (public)" <public-appformats@w3.org>
Hi Anne,
Can you please change 'example.com' to 'server-a.com' and
'hello-world.invalid' to 'server-b.com' throughout the spec. I think
that would make the spec a tad easier to follow.
Also, minor mistake in one of the examples (.com.com):
client.open("GET", "http://example.com.com/hello")
Kind regards,
Marcos
On 2/16/08, Anne van Kesteren <annevk@opera.com> wrote:
>
> Hi all,
>
> The WAF WG published a new snapshot of the editor's draft of Access
> Control for Cross-site Requests yesterday in the W3C Technical Report
> space. It includes recent HTTP header name changes and incorporates a new
> proposal for limiting the amount of requests in case of non-GET methods to
> various different URIs which share the same origin.
>
> In addition to those technical changes it also makes the (until now)
> implicit requirements and use cases explicit by listing them in an
> appendix and contains a short FAQ on design decisions.
>
> http://www.w3.org/TR/2008/WD-access-control-20080214/
>
> We expect the next draft to go to Last Call so hereby we're soliciting
> input, once again, from the Forms WG, HTML WG, HTTP WG, TAG, Web API WG,
> and Web Security Context WG. (All on the "bcc list" so we don't get
> massive cross-list e-mailing.)
>
> We appreciate input from anyone however, so feel free to forward or reply
> to this e-mail as you see fit.
>
> Kind regards,
>
>
> --
> Anne van Kesteren
> <http://annevankesteren.nl/>
> <http://www.opera.com/>
>
>
--
Marcos Caceres
http://datadriven.com.au
Received on Monday, 18 February 2008 02:09:34 UTC