[owasp-intrinsic-security] Fwd: FYI, Origin header in IETF HTTP WG

• Previous message: [owasp-intrinsic-security] Fwd: FYI, Origin header in IETF HTTP WG
• Next message: [owasp-intrinsic-security] Web application framework security comparison
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Seba wrote on 1/27/2009 2:16 AM: 
> Thought you wanted to know this.
> What can we propose as feedback to the IETF workgroup ?

And there's also been some discussion on the public-webapps list too in three threads that might be worthwhile reading through:

	Do we need to rename the Origin header?
	http://lists.w3.org/Archives/Public/public-webapps/2009JanMar/#msg57

	[access-control] Access-Control-Allow-Origin: * and ascii-origin in IE8
	http://lists.w3.org/Archives/Public/public-webapps/2009JanMar/#msg90

	Origin IETF draft
	http://lists.w3.org/Archives/Public/public-webapps/2009JanMar/#msg124


The most critical discussion though has been on the ietf-http-wg list.


- Bil

• Previous message: [owasp-intrinsic-security] Fwd: FYI, Origin header in IETF HTTP WG
• Next message: [owasp-intrinsic-security] Web application framework security comparison
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]