Re: Reminder: Conference call: SOR and CORS vs. From Origin

On 16 feb 2011, at 15:46, Levantovsky, Vladimir wrote:

> Please see http://annevankesteren.nl/2011/02/from-origin for details about the original “From Origin” header proposal.
> 


Thanks, I did.

>  If no From-Origin header is used, embedding will work as it does today. I.e. without restrictions.

An author who wants to host a licensed font then has to fiddle with the server to include the From-Origin header in responses to requests to the font. Right?

To get an idea of the complexity of this proposal: is including the header a matter of, for instance, fiddling with a http.conf, or does it require server application updates?

It was mentioned to include this in future default settings of Apache distributions. In general, how difficult is it to get settings added to Apache?

> Similarly access to the raw data (e.g. from an image or font) remains prohibited.

I'm not sure what Van Kesteren means - access by whom?

Erik

Received on Wednesday, 16 February 2011 15:10:01 UTC