ACTION-432: Is there an obvious way to use CORS that introduces a risk of confused deputy attacks or other security risks?

Is there an obvious way to use CORS that introduces a risk of confused deputy attacks or other security risks?

State:: closed
Person:: Charles McCathie Nevile
Due on:: November 9, 2009
Created on:: November 2, 2009
Related emails:: No related emails

Related notes:

http://www.w3.org/2008/webapps/track/issues/108

Michael[tm] Smith, 2 Nov 2009, 22:43:57

Display change log.

Chair, Staff Contact
Tracker: documentation, (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: 432.html,v 1.1 2016/01/25 10:25:45 carine Exp $