- From: Hallvord Reiar Michaelsen Steen <hallvors@online.no>
- Date: Wed, 09 Mar 2005 18:05:00 +0100
On 8 Mar 2005 at 19:09, Chris Holland wrote: > How about requiring from a service that it sets an extra HTTP header > to offer its content to "foreign" hosts: > > X-Allow-Foreign-Host: All | None | .someforeigndomain.com | > .somehost.someforeigndomain.com I think that's a neat idea (and I was about to post something similar). Perhaps we can simply extend the XMLHttpRequest functionality saying that the UA should do a HEAD request and check for this header before throwing an exception if a cross-domain connection is attempted? -- Hallvord Reiar Michaelsen Steen http://www.hallvord.com/ Note: mail to hallvors at online.no will still be read but you may want to start using hallvord at hallvord.com instead
Received on Wednesday, 9 March 2005 09:05:00 UTC