[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[APPS-REVIEW] HTTP cross-domain scripting access control W3C document
FYI:
http://www.w3.org/TR/access-control/
"This document defines a mechanism to enable client-side cross-site
requests. Specifications that want to enable cross-site requests in an
API they define can use the algorithms defined by this specification.
If such an API is used on http://example.org resources, a resource on http://hello-world.example
can opt in using the mechanism described by this specification
(e.g., specifying Access-Control-Allow-Origin: http://example.org as
response header), which would allow that resource to be fetched cross-
site from http://example.org.";
_______________________________________________
APPS-REVIEW mailing list
APPS-REVIEW at ietf.org
https://www.ietf.org/mailman/listinfo/apps-review