[whatwg] Proposal for cross domain security framework

> Actually, DNS servers, particularly for reverse DNS lookups, are out of the
> control of a huge number of authors on the web. Shared hosting accounts for
> instance don't have a unique reverse IP lookup. There are also plenty of


The reverse DNS spec specifically allows one IP address to have
multiple reverse domains.


> people who don't control their DNS at all for whatever reason.


1. People that do not have control over the reverse lookup seldom have
control over multiple servers and seldom need to distribute load
like this.

2. The script should be allowed to connect to its origin server (as
unsigned Java applets are allowed to, today).

3. Hosting providers will add tools allowing their customers to
configure this security framework, if it is required. But again, if
you are on a shared server you most likely will not need to connect to
multiple servers. It will also usually suffice to have a proxy on the
server (like many people do for XMLHttpRequests now).

Received on Monday, 23 June 2008 00:34:27 UTC