- From: Anne van Kesteren <annevk@opera.com>
- Date: Tue, 25 Sep 2007 14:52:17 +0200
- To: "Web API WG (public)" <public-webapi@w3.org>
On Sat, 22 Sep 2007 05:28:13 +0200, Maciej Stachowiak <mjs@apple.com> wrote: > On Sep 21, 2007, at 3:34 AM, Anne van Kesteren wrote: >> I think HTML5 needs to define this as my understanding is that >> document.domain is also relevant in deciding whether or not a request >> is same-origin. I'm not sure if that's happening soon though. > > I don't think document.domain would apply when determining same origin > for XMLHttpRequest. Thanks Boris, Jonas and Maciej for your replies. http://dev.w3.org/2006/webapi/XMLHttpRequest/Overview.html#same-origin defines same-origin for two URIs and is used in http://dev.w3.org/2006/webapi/XMLHttpRequest/Overview.html#open It would be nice to get some implementation feedback on what to do about data:, javascript: etc. -- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>
Received on Tuesday, 25 September 2007 12:52:31 UTC