Uniform Messaging Policy, Level One Draft Published

Author(s) and publish date


The Web Applications Working Group has published the First Public Working Draft of Uniform Messaging Policy, Level One. The Uniform Messaging Policy (UMP) enables cross-site messaging that avoids Cross-Site-Request-Forgery and similar attacks that abuse HTTP cookies and other credentials. For example, content from customer.example.org can safely specify requests to resources determined by service.example.com. Rather than restricting information retrieval to a single origin, as the Same Origin Policy almost does, the Uniform Messaging Policy supports origin independent messaging. Learn more about the Rich Web Client Activity.

Related RSS feed