call for reviewers: XMLHttpRequest Last Call

The XMLHttpRequest spec is in Last Call till 16 December:

> XMLHttpRequest
> W3C Working Draft 19 November 2009
> This Version:
> 	http://www.w3.org/TR/2009/WD-XMLHttpRequest-20091119/

A review from a security perspective would be a Good Thing.

Particularly interesting pieces:

- this is the place where the same origin policy for XMLHttpRequest is defined
- behavior upon redirects
- needs security considerations on, e.g., DNS rebinding

Any takers?

Thanks,
--
Thomas Roessler, W3C  <tlr@w3.org>

Received on Sunday, 6 December 2009 12:35:42 UTC