- From: Dirk Pranke <dpranke@chromium.org>
- Date: Thu, 13 May 2010 19:01:20 -0700
- To: Maciej Stachowiak <mjs@apple.com>, public-webapps <public-webapps@w3.org>
On Thu, May 13, 2010 at 6:40 PM, Dirk Pranke <dpranke@chromium.org> wrote: > On Thu, May 13, 2010 at 6:13 PM, Maciej Stachowiak <mjs@apple.com> wrote: >> I think a more likely use case for CORS does not involve embedded gadgets at all. Consider the example of a social network asking for access to your GMail contacts. > > Fair enough. Sounds like a different email thread; I'll see what I can do :) > Okay, having thought about this for a few minutes, I think that this is essentially identical to the calendar example you worked through in your DBAD slide deck (and which is also listed as an example use case in the CORS spec) (it's just a GET instead of a PUT). So, rehashing that thread here doesn't make a lot of sense, but incorporating it into the "security considerations" section does. Do you agree? -- Dirk
Received on Friday, 14 May 2010 02:02:15 UTC