- From: Adam Barth <w3c@adambarth.com>
- Date: Thu, 3 Dec 2009 14:06:04 -0800
- To: Larry Masinter <masinter@adobe.com>
- Cc: "public-web-security@w3.org" <public-web-security@w3.org>, "Mark S. Miller" <erights@google.com>
On Thu, Dec 3, 2009 at 1:45 PM, Larry Masinter <masinter@adobe.com> wrote: > I can understand "not sufficient". However, if the Origin header > turns out to be "not necessary" (e.g., some other mechanism is > more applicable) then would it be harmful to leave the HTML5 > spec requiring an Origin header? Not necessary does not imply not useful. For example, <canvas> isn't necessary for drawing lines on the screen, but it's sure useful. On Thu, Dec 3, 2009 at 1:58 PM, Mark S. Miller <erights@google.com> wrote: > It would be harmful. That's a matter of opinion. :) Adam
Received on Thursday, 3 December 2009 22:07:04 UTC