- From: Jack (Zhan, Hua Ping) <jackiszhp@gmail.com>
- Date: Wed, 11 Oct 2017 04:25:47 +0800
- To: Jake Archibald <jakearchibald@google.com>, "public-webapps@w3.org" <public-webapps@w3.org>
On Wed, Oct 11, 2017 at 12:57 AM, Jake Archibald <jakearchibald@google.com> wrote: > I can't find any reference to this "Adobe" behaviour. > > Flash relied on crossdomain.xml, but that had to be on the origin containing > the requested resource, so 2nd.com in this case. > > Adobe's solution is pretty similar to CORS but sets an origin-wide policy, > whereas CORS can be per resource. After read your comment, I checked what you said. And what you said is true according to the material I can find at present day, though they are all after 2008 (version 0.2 Cross Domain Policy File Specification). When I got the impression in 2003/2004, I did not know there is any published specification on relaxing the same origin policy. At that time, it seemed to be its proprietary use. Either Adobe has changed their design after W3C published its stupid design in 2005 or I misunderstood Adobe's way which is possible though I do not think it is probable. I mentioned "Adobe" because I think I should give credit to what I saw long time ago. I do not mind we refer what I proposed with any other term such as "JMBW(Jack Might Be Wrong) way of specifying the same origin". Please comment on "JMBW way of specifying the same origin", why those smart people do not implement it this way, why it is not good? Enlight me. with best regards Jack (Zhan, Hua Ping詹华平) +85-153-9230-9232 twitter: https://twitter.com/jackzhp/with_replies
Received on Tuesday, 10 October 2017 20:26:10 UTC