W3C home > Mailing lists > Public > public-webappsec@w3.org > March 2013

CSP: set of report URIs

From: Anne van Kesteren <annevk@annevk.nl>
Date: Tue, 19 Mar 2013 07:16:10 -0400
Message-ID: <CADnb78hVaYDdYRq_9n7pvpf5yy9MHzDAkvu0_41+ONhKXwEJqg@mail.gmail.com>
To: WebAppSec WG <public-webappsec@w3.org>
Is this set of URLs guaranteed to be same-origin somehow? Doing a
cross-origin POST request with a JSON entity body is not something
either <form> or XMLHttpRequest with CORS can do so would require at
least a CORS preflight.

Received on Tuesday, 19 March 2013 11:16:42 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:32 UTC