Re: About using CORS (was: Re: WebFonts WG Kick-off) from Robert O'Callahan on 2010-04-26 (public-webfonts-wg@w3.org from April 2010)

From: Robert O'Callahan <robert@ocallahan.org>
Date: Mon, 26 Apr 2010 22:28:38 +1200
To: public-webfonts-wg@w3.org
Cc: Anne van Kesteren <annevk@opera.com>
Message-ID: <s2s11e306601004260328g2bcaa501ua67419a077c00115@mail.gmail.com>

Anne van Kesteren wrote:
> CORS is meant to lift restrictions that unless otherwise in place would be

> privacy problems.

I think the underlying issue here is whether font loads should apply a
same-origin restriction by default. As far as I know, there's nothing in the
CORS spec that ties it to a particular *motivation* for same-origin
restriction, or to particular resource types. CORS should be applicable to
any kind of same-origin restriction.

Rob
-- 
"He was pierced for our transgressions, he was crushed for our iniquities;
the punishment that brought us peace was upon him, and by his wounds we are
healed. We all, like sheep, have gone astray, each of us has turned to his
own way; and the LORD has laid on him the iniquity of us all." [Isaiah
53:5-6]

Received on Monday, 26 April 2010 10:29:10 UTC