Re: [XHR2] Feedback on sec-* headers

On Tue, 22 Feb 2011 14:19:58 +0100, Julian Reschke <julian.reschke@gmx.de>  
wrote:
> On 22.02.2011 12:52, Anne van Kesteren wrote:
>> This is not about convenience for implementors. This is about allowing
>> specifications to introduce headers that cannot be spoofed via
>> XMLHttpRequest.
>
> It would be good if this could be rephrased as a general design  
> question, and specified in a way that it also applies in other contexts  
> (such as browser plugins doing HTTP, applets, Flash, Silverlight,  
> whatnot).

Yeah, I suppose. When such a higher-level document exists I can update  
XMLHttpRequest to point to it.


-- 
Anne van Kesteren
http://annevankesteren.nl/

Received on Tuesday, 22 February 2011 14:11:20 UTC