Re: [webappsec] Proposed text for jsonp directives

What's the status of this proposal?


On Fri, Jan 11, 2013 at 5:48 PM, Hill, Brad <> wrote:
> Per ACTION-98 assigned to me, attached find a draft of proposed text for two directives related to JSONP calls.  These directives would allow a protected resource to call legacy JSONP APIs using the src attribute of a script element, but constrain the execution to a safe, CORS-equivalent model.
> Feedback appreciated.
> Brad Hill

Received on Wednesday, 6 March 2013 00:17:24 UTC