Re: SVG 1.2 Comment: B.2.3 Socket Connections

Thomas DeWeese wrote:
>    Why would you restrict ports if you restrict to the originating
> server?

Because webhosting is fairly common.  In that case you have many 
hostnames associated with a single server, and a different port may well 
correspond to a different entity (in the "person or organization" sense 
of entity).

> BTW you absolutely should not allow even HTTP requests to anything but
> the originating server from Script, otherwise they can browse
> a persons intranet

Of course.

>    Sorry, I totally disagree, this is still a very useful interface.
> Not everything on the web is or should be HTTP.  There are many
> cases where you want long lived connections with Bi-directional
> data.

I agree with this in principle.  I just don't see how it can be made to 
work semi-reliably in practice without being a major hassle to the user 
(having to manually white-list sites, etc).

-Boris

Received on Thursday, 4 November 2004 19:15:35 UTC