W3C home > Mailing lists > Public > public-webappsec@w3.org > October 2013

[Bug 23654] New: Point out that Access-Control-Allow-Origin:* is safe for servers not behind a firewall

From: <bugzilla@jessica.w3.org>
Date: Mon, 28 Oct 2013 14:20:04 +0000
To: public-webappsec@w3.org
Message-ID: <bug-23654-4874@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=23654

            Bug ID: 23654
           Summary: Point out that Access-Control-Allow-Origin:* is safe
                    for servers not behind a firewall
           Product: WHATWG
           Version: unspecified
          Hardware: PC
                OS: Windows 3.1
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Fetch
          Assignee: annevk@annevk.nl
          Reporter: annevk@annevk.nl
        QA Contact: sideshowbarker+fetchspec@gmail.com
                CC: hillbrad@gmail.com, mike@w3.org,
                    public-webappsec@w3.org

+++ This bug was initially created as a clone of Bug #14700 +++

In the eventual "How to use CORS" section point out that you can use
Access-Control-Allow-Origin:* safely on servers not behind a firewall.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Monday, 28 October 2013 14:20:05 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:03 UTC