[prev in list] [next in list] [prev in thread] [next in thread]
List: whatwg
Subject: [whatwg] Reorganizing and fixing "origin"
From: Anne van Kesteren <annevk () annevk ! nl>
Date: 2013-05-22 7:53:13
Message-ID: CADnb78hBUB16AtVKtwaM159xcmE_2t8vG_aKiph0h6v9SFo53A () mail ! gmail ! com
[Download RAW message or body]
As Bj=C3=B6rn points out in
http://www.ietf.org/mail-archive/web/websec/current/msg01512.html
defining origin of a URL in terms of STD66 is broken. So we should
define it in terms of the URL Standard.
The Origin header also has problems, as it suggests you can have a
space-separated list, which we disallowed almost immediately after the
Origin RFC was published and the IETF group did not accept errata for.
Now "Origin of a URL" can be defined in the URL Standard (not done
yet). I put an updated definition of the header here:
http://fetch.spec.whatwg.org/#http-origin-header
Where should we put the definition of origin itself? Back in HTML? I
guess it still is mostly.
--
http://annevankesteren.nl/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic