Re: Use case for cross-site DELETE, PUT, ...?

On Thu, 17 Jan 2008 00:00:38 +0100, Thomas Roessler <> wrote:
> The current specification is phrased in terms of GET (safe) vs
> non-GET (meaning unsafe, actually not entirely accurate given the
> existence of HEADERS) requests.
> That means that there is an assumption here that HTTP methods such
> as DELETE and PUT might be used cross-site.
> If that assumption is kept, we should document corresponding use
> cases, and have an explicit requirement.

You could have an editing tool on that you use to edit  
your website on foo.invalid. The editing tool uses a simple interface  
implemented by your server (APP, perhaps?) to add, remove, edit, etc.  

In general it is about making the use cases HTTP has work in a cross-site  

Anne van Kesteren

Received on Wednesday, 16 January 2008 23:30:08 UTC