- From: Jonas Sicking <jonas@sicking.cc>
- Date: Fri, 30 May 2008 11:08:24 -0700
- To: Anne van Kesteren <annevk@opera.com>
- CC: "WAF WG (public)" <public-appformats@w3.org>
Anne van Kesteren wrote:
>
> On Wed, 28 May 2008 03:10:16 +0200, Jonas Sicking <jonas@sicking.cc> wrote:
>> While it's true that servers need to be prepared for any type of HTTP
>> requests already, access-control makes it possible to do them using
>> other users peoples credentials.
>>
>> So while we don't need to worry about "bad things happen when this
>> HTTP request is sent", we do need to worry about "bad things can
>> happen when this HTTP request is sent by a user with root credentials".
>
> Yes, that's why we have Access Control in the first place.

Exactly.

> We had Allow
> at some point in the past and we decided it was not needed. Why do you
> suddenly think it is needed again?

Last time I thought about it in terms of a feature. I.e. as a way for the server to choose which other servers could perform what actions.

However IMHO it makes more sense as an extra level of security. To deal with servers supporting actions that the server administrator is unaware of or wasn't thinking of when enabling Access-Control.

Further, the way we controlled methods before was much more complex than my proposal. Different sites could have different allowed methods. We had to issue new preflight requests every time a new method was used. The syntax allowed for DELETE being listed as an allowed method when we checked for POST, but then DELETE wouldn't actually be allowed when we checked for DELETE, etc.

The new proposal is much simpler. Both syntax-wise for the server administrator, and for the implementation.

/ Jonas
Received on Friday, 30 May 2008 18:16:27 UTC