[owasp-intrinsic-security] Fwd: FYI, Origin header in IETF HTTP WG

Bil Corry bil at corry.biz
Tue Jan 27 17:11:02 EST 2009

Seba wrote on 1/27/2009 2:16 AM: 
> Thought you wanted to know this.
> What can we propose as feedback to the IETF workgroup ?

And there's also been some discussion on the public-webapps list too in three threads that might be worthwhile reading through:

	Do we need to rename the Origin header?

	[access-control] Access-Control-Allow-Origin: * and ascii-origin in IE8

	Origin IETF draft

The most critical discussion though has been on the ietf-http-wg list.

- Bil

More information about the owasp-intrinsic-security mailing list