Re: Chromium's support for CORS and UMP

Bjoern Hoehrmann wrote:
> * Nathan wrote:
>> Personally, I don't follow why JS running in a user agent should have 
>> completely different access rules to the rest of the web, primarily 
>> because a few site admin's feel it's a good idea to expose sensitive 
>> data via IP-based auth on intranets / on the web via stateful sessions 
>> on a stateless protocol.
> 
> If you do not depend on a user's special standing with a third party
> site, you can configure your server as proxy between your user and the
> third party site. That's more difficult for you, but easier for users
> and maintainers of third party sites. If we'd do away with the access
> restriction, it'd be easier for you, and more difficult for users and
> third parties. What we have now is largely due to following the path
> of least resistance (which is probably true for most web technology).

Thanks Bjoern,

Is it possible to set up a server as a proxy, where a client side ssl 
certificate is also proxied through, should the server at the address 
being proxied request one?

Best,

Nathan

Received on Tuesday, 11 May 2010 00:59:16 UTC