W3C home > Mailing lists > Public > public-webappsec@w3.org > September 2013

Fwd: Cross-Origin Resource Sharing - text

From: Anne van Kesteren <annevk@annevk.nl>
Date: Tue, 24 Sep 2013 17:59:14 -0400
Message-ID: <CADnb78jzRrMMQpRQBqJyO7EvduLWr9y-qtZXS_86BHG8fanCNA@mail.gmail.com>
To: WebAppSec WG <public-webappsec@w3.org>
Cc: "Spradley, Ted (Sales IT)" <ted.spradley@hp.com>
(Forwarding with permission.)

Brad, you might want to look at this. It does not seem to apply to

---------- Forwarded message ----------
Date: Tue, Sep 24, 2013 at 3:45 PM


Please accept this suggestion for wording in the spirit submitted.

Regarding text from http://www.w3.org/TR/cors/ version cors-2030129:

The sentence “The user agent validates that the value and origin of
where the request originated match” may better communicate the
intended meaning if it reads:

“The user agent validates that the response
Access-Control-Allow-Origin header value matches the origin from where
the request originated.”

Thank you,

Ted Spradley

Advanced Planning and SPT Labs
Hewlett Packard

Received on Tuesday, 24 September 2013 21:59:41 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:34 UTC