- From: Anne van Kesteren <notifications@github.com>
- Date: Wed, 16 Sep 2015 02:48:50 -0700
- To: w3ctag/spec-reviews <spec-reviews@noreply.github.com>
Received on Wednesday, 16 September 2015 09:49:18 UTC
> ... as otherwise the tendency is to leave a proxy open a a script's origin server to relay anything any everything without any caution or CORS, which obviously defeats the whole Same Origin Model. That does not defeat the same-origin policy actually. A proxy server is perfectly acceptable. I recommend reading https://annevankesteren.nl/2015/02/same-origin-policy if you want to know what the same-origin policy protects against. The only problem with a proxy server is that it creates an additional request. That is why we have CORS. --- Reply to this email directly or view it on GitHub: https://github.com/w3ctag/spec-reviews/issues/76#issuecomment-140690939
Received on Wednesday, 16 September 2015 09:49:18 UTC