- From: <bugzilla@jessica.w3.org>
- Date: Thu, 07 Feb 2013 14:08:09 +0000
- To: public-html-bugzilla@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=19028 --- Comment #3 from Alexander Romanovich <alex@sirensclef.com> --- In that case you could just allow hosts in the whitelist as well: No-Cookies: /path/to/dir1/*;/path/to/resource;www.domain.com This option would not necessitate the developer setting a rel attribute on a DOM-inserted tag referencing a resource but, more importantly, that's not the only scenario we'd be dealing with for script-initiated requests. There are lots of XHR requests that would benefit from this. The other reason I like Ian's whitelist/prefix idea is that deployment would be greatly simplified. My application doesn't need to have to worry about generating rel attributes for stylesheets, scripts, images. I simply send an extra header with my documents and forget about it. I could even do that site-wide with Apache's mod_headers, for instance. -- You are receiving this mail because: You are the QA Contact for the bug.
Received on Thursday, 7 February 2013 14:08:15 UTC