- From: Michael Carter <cartermichael@gmail.com>
- Date: Wed, 18 Jun 2008 14:09:02 -0700
> Still I do not believe it should have a specific protocol. If a > protocol is decided on, and it is allowed to connect to any IP-address > - then DDOS attacks can still be performed: If one million web > browsers connect to any port on a single server, it does not matter > which protocol the client tries to communicate with. The server will > still have problems. > Aren't there and identical set of objections to the cross-domain access-control header? Or microsofts XDR object? Even without Websocket, browsers will be making fully cross-domain requests, and the only question left is how exactly to implement the security in the protocol. That said, there's no additional harm in allowing WebSocket to establish cross-domain connections, but there are many benefits. -Michael Carter -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20080618/4e1bc6ec/attachment.htm>
Received on Wednesday, 18 June 2008 14:09:02 UTC