W3C home > Mailing lists > Public > public-webappsec@w3.org > June 2012

Re: comments on Cross-Origin Resource Sharing (CORS) of 3-Apr-2012 (was: hey hey)

From: =JeffH <Jeff.Hodges@KingsMountain.com>
Date: Tue, 05 Jun 2012 16:08:44 -0700
Message-ID: <4FCE917C.7030505@KingsMountain.com>
To: W3C Web App Security WG <public-webappsec@w3.org>

Brad's incorporation of my comments into CORS sec considerations is largely 
fine by me. I've attached a further-redlined version (both .docx and .pdf) of 
the redlined .pdf he had sent to the list with some modest mods.

This sec cons section is large and multi-faceted and so I strongly suggest 
dividing it up into subsections. I've added some suggested subsection titles. 
Brad and my comments also encompass altering the numbering on the bulleted 
items which will help them be more referencable. however it's done is fine by 
me, but as it is it's difficult to reference the numbered items.

Also, my comments from 01 May encompassed more than just the sec cons section 
and humbly suggest that they be considered (I think they'll help the spec be 
understandable by a wider swath of readers).

hope this helps,


Received on Tuesday, 5 June 2012 23:09:11 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:28 UTC