[cap-talk] Fwd: [cors] TAG request concerning CORS &Next Step(s)
Adam Barth
cap-talk at adambarth.com
Wed Jul 8 16:15:05 EDT 2009
On Wed, Jul 8, 2009 at 12:37 PM, David-Sarah
Hopwood<david-sarah at jacaranda.org> wrote:
> stay wrote:
>> On Mon, Jul 6, 2009 at 2:53 PM, Karp, Alan H<alan.karp at hp.com> wrote:
>>> To your first point above, can the software making the request be a script
>>> on a page or a browser plug-in? If so, what prevents Bob's Finance from
>>> delivering to the user's browser software that will make requests as Acme Finance?
>>
>> The fact that almost no one installs plugins.
>
> That's not true. They install Flash, and Flash ActionScript code can make
> such requests.
Can you build a demo to support this claim? I'm not aware of how to
do this unless the target of the request opts in.
Adam
More information about the cap-talk
mailing list