Re: Question about origin serialization

Ian Hickson wrote:
> How would the identifier be used?

If nothing else (for things like Access-Control) to differentiate a UA 
that doesn't support the spec at all from a UA that happens to be doing 
things with a unique identifier origin...

It would also make it possible to have a well-defined way of performing 
origin comparisons as string comparisons.

> It seems better not to expose the internal IDs, lest someone manage to use the exposed ID to trick the user 
> agent or a page somehow.

I agree that this might be a concern.

-Boris

Received on Friday, 26 September 2008 23:09:50 UTC