[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [APPS-REVIEW] HTTP cross-domain scripting access control W3C document

To: Lisa Dusseault <ldusseault at commerce.net>
Subject: Re: [APPS-REVIEW] HTTP cross-domain scripting access control W3C document
From: Mark Nottingham <mnot at yahoo-inc.com>
Date: Thu, 20 Nov 2008 18:30:54 -0800
Cc: Apps Discuss <discuss at ietf.org>, APPS-REVIEW at ietf.org
Delivered-to: ietfarch-apps-review-web-archive at core3.amsl.com
Delivered-to: apps-review at core3.amsl.com
Domainkey-signature: a=rsa-sha1; s=serpent; d=yahoo-inc.com; c=nofws; q=dns; h=cc:message-id:from:to:in-reply-to:content-type: content-transfer-encoding:mime-version:subject:date:references:x-mailer; b=1hn1we55dGZ0StteWIriGpVdPLefYmTodiR08ZO9+t6WlcF2ZhiPZJwH6b3PdC/M
In-reply-to: <A1720980-7954-452C-972F-3C6265A05626 at commerce.net>
List-archive: <http://www.ietf.org/pipermail/apps-review>
List-help: <mailto:apps-review-request@ietf.org?subject=help>
List-id: Applications Review List <apps-review.ietf.org>
List-post: <mailto:apps-review@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/apps-review>, <mailto:apps-review-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/apps-review>, <mailto:apps-review-request@ietf.org?subject=unsubscribe>
References: <A1720980-7954-452C-972F-3C6265A05626 at commerce.net>
Sender: apps-review-bounces at ietf.org

Have they asked for an APPS area review?

Cheers,


On 19/11/2008, at 12:36 PM, Lisa Dusseault wrote:

FYI:

http://www.w3.org/TR/access-control/
"This document defines a mechanism to enable client-side cross-siterequests. Specifications that want to enable cross-site requests inan API they define can use the algorithms defined by thisspecification. If such an API is used on http://example.orgresources, a resource on http://hello-world.example can opt in usingthe mechanism described by this specification (e.g., specifyingAccess-Control-Allow-Origin: http://example.org as response header),which would allow that resource to be fetched cross-site from http://example.org."
_______________________________________________
APPS-REVIEW mailing list
APPS-REVIEW at ietf.org
https://www.ietf.org/mailman/listinfo/apps-review


--
Mark Nottingham       mnot at yahoo-inc.com


_______________________________________________
APPS-REVIEW mailing list
APPS-REVIEW at ietf.org
https://www.ietf.org/mailman/listinfo/apps-review

References:
- [APPS-REVIEW] HTTP cross-domain scripting access control W3C document
  - From: Lisa Dusseault

Prev by Date: [APPS-REVIEW] HTTP cross-domain scripting access control W3C document
Next by Date: Re: [APPS-REVIEW] Metalink XML Download Description Format (draft-bryan-metalink-01)
Previous by thread: [APPS-REVIEW] HTTP cross-domain scripting access control W3C document
Index(es):
- Date
- Thread