Re: [XHR] same-origin request event rules are underspecified

On Tue, 19 Jan 2010 08:00:19 +0100, Thomas Roessler <> wrote:
> What does "does not violate security" mean?  Is a same origin redirect  
> the only redirect that's considered to "not violate security"?

Yeah, this was old text that was never updated to match reality. Thanks  
for pointing it out!

(Fixed for both XHR1 and XHR2, which have slightly different text as XHR2  
deals with cross-origin redirects.)

Anne van Kesteren

Received on Sunday, 31 January 2010 13:51:07 UTC