Re: CORS from Mike Samuel on 2017-10-12 (public-webapps@w3.org from October to December 2017)

From: Mike Samuel <mikesamuel@gmail.com>
Date: Thu, 12 Oct 2017 14:01:55 -0400
To: "Jack (Zhan, Hua Ping)" <jackiszhp@gmail.com>
Cc: "public-webapps@w3.org" <public-webapps@w3.org>, Anne van Kesteren <annevk@annevk.nl>, Florian Bösch <pyalot@gmail.com>, Travis Leithead <travis.leithead@microsoft.com>
Message-ID: <CACod6GvymKY+Mz9ozo8182RLVPoRawzrj94j-0RmaCykj80b=w@mail.gmail.com>

On Thu, Oct 12, 2017 at 1:03 PM, Jack (Zhan, Hua Ping)
<jackiszhp@gmail.com> wrote:
> http://2nd.com/tickerMSFT or secreteData. Let me stop use Travis'
> evil.com & popularbank.com, I am afraid that some people stop thinking
> clearly when they see the word “evil”. It seems the word stir up their
> emotions.

I agree.  All this talk about evil.com is out of scope and better
handled by reference to other standards.  CORS should adopt a
permissive model within the bounds set by RFC 3514.

Received on Thursday, 12 October 2017 18:02:24 UTC