W3C home > Mailing lists > Public > public-device-apis@w3.org > October 2013

RE: [discovery-api] CORS support added to NSD API Editor's Draft

From: FABLET Youenn <Youenn.Fablet@crf.canon.fr>
Date: Mon, 7 Oct 2013 14:49:10 +0000
To: "Igarashi, Tatsuya" <Tatsuya.Igarashi@jp.sony.com>, Rich Tibbett <richt@opera.com>
CC: Device APIs Working Group <public-device-apis@w3.org>
Message-ID: <ACC41E833067BD4FB8084DEBA2D866BE2F538BB6@ADELE.crf.canon.fr>
> In my understanding, the benefits of CORS for NSD is not only to prevent to
> access other arbitrary networked services on the local network, but also to
> make a local networked service to provide access only to specific web
> services on the Internet. For example, a UPnP Router provided by network
> operator provide access via web page of the network operator. This prevent
> an malicious web page making a security hole.

Agreed, as much as possible, future local network services should be considered similarly to existing URL-global web services.

	Youenn



Received on Monday, 7 October 2013 14:49:55 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:33:01 UTC