W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2017

Re: CORS

From: Jack (Zhan, Hua Ping) <jackiszhp@gmail.com>
Date: Thu, 12 Oct 2017 06:00:45 +0800
Message-ID: <CAKRyGxuO96BaB5JqrBpHLKv_fSjATsJ2h0=ZLtO5LB0pHz1Pig@mail.gmail.com>
To: Florian Bösch <pyalot@gmail.com>, "public-webapps@w3.org" <public-webapps@w3.org>
>> I have already responded this to Tab Atkins as follows:
> You have not. And I ask again. How do you instruct a browser which resource
> is ok to request from another origin?
When I said "as follows:", the answer text followed. And I elaborated
a bit more than asked, and at the end I challenge you to defeat me.
Please read that or here:
http://lists.w3.org/Archives/Public/public-webapps/2017OctDec/0024.html
There is no point for me to copy it here again.

But in one sentence: I do not need the browser to do the authorization
check for me, I do the authorization check myself at server
https://bankA.com/.

with best regards
Jack (Zhan, Hua Ping詹华平)
+86-153-9230-9232
QQ: 94544458  欢迎加我,欢迎访问QQ空间
twitter: https://twitter.com/jackzhp/with_replies
Received on Wednesday, 11 October 2017 22:01:09 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 9 November 2017 09:59:04 UTC