W3C home > Mailing lists > Public > public-webappsec@w3.org > March 2013

Re: [webappsec] Proposed text for jsonp directives

From: Adam Barth <w3c@adambarth.com>
Date: Tue, 5 Mar 2013 16:16:23 -0800
Message-ID: <CAJE5ia8JcRJDDJvaLcSdca=VsyQfY3KoAJSL7dypFbq2tr9AqA@mail.gmail.com>
To: "Hill, Brad" <bhill@paypal-inc.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
What's the status of this proposal?


On Fri, Jan 11, 2013 at 5:48 PM, Hill, Brad <bhill@paypal-inc.com> wrote:
> Per ACTION-98 assigned to me, attached find a draft of proposed text for two directives related to JSONP calls.  These directives would allow a protected resource to call legacy JSONP APIs using the src attribute of a script element, but constrain the execution to a safe, CORS-equivalent model.
> Feedback appreciated.
> Brad Hill
Received on Wednesday, 6 March 2013 00:17:24 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:31 UTC