W3C home > Mailing lists > Public > whatwg@whatwg.org > July 2004

[whatwg] Re: Cross Domain Policies

From: Malcolm Rowe <malcolm-what@farside.org.uk>
Date: Sat, 24 Jul 2004 17:35:17 +0100
Message-ID: <courier.41028FC5.000002F5@mail.farside.org.uk>
Doron Rosenberg writes:
> [...] a web services hosting
> domain can allow cross domain calls to it, controlled via an XML file

fwiw, one disadvantage of this approach is that it relies on the existence 
of a particular file at the root directory. The problems with this method 

* It assumes that "one hostname = one web 'site'", where 'site' is an 
administrative grouping. There's no way to delegate responsibility closer to 
the user of the functionality. 

* It pollutes the URI namespace, which should be under the control of the 
site's owner. 

This is W3C TAG issue siteData-36. References:

> Would the WhatWG be the right place to standardize this?  It could be
> made more generic than just Web Services,

If WHATWG was to pick some of this up, I think that they should try to avoid 
the problems mentioned above, or, if at all possible, work with the TAG to 
help explore some possible solutions to the general issue. 

Received on Saturday, 24 July 2004 09:35:17 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:58:35 UTC