- From: Bil Corry <bil@corry.biz>
- Date: Mon, 06 Apr 2009 16:08:13 -0500
- To: Brandon Sterne <bsterne@mozilla.com>
- CC: Adam Barth <w3c@adambarth.com>, Thomas Roessler <tlr@w3.org>, Jonas Sicking <jonas@sicking.cc>, Ian Hickson <ian@hixie.ch>, Anne van Kesteren <annevk@opera.com>, public-webapps@w3.org, Maciej Stachowiak <mjs@apple.com>, Sam Weinig <weinig@apple.com>, Sid Stamm <sstamm@mozilla.com>
Brandon Sterne wrote on 4/6/2009 3:34 PM: > I'm adding Sid, who has been editing the document: > https://wiki.mozilla.org/Security/Origin > > As is mentioned in the first section of that document, the name of the > proposed header is subject to change. If you're going for an entirely new header, then you should consider adding the redirect path as well to it: Origin: <origin host> <frame-ancestor>*[, <redirect-host>]* So site A frames B which frames C that then POSTs to D, which redirects to E which redirects to F becomes: Origin: C B A, D, E - Bil
Received on Monday, 6 April 2009 21:10:18 UTC