[cap-talk] XHR and sandboxed iframes (was: Re: XHR without user credentials)
Tyler Close
tyler.close at gmail.com
Fri Jun 26 20:14:21 EDT 2009
Silly MarkM. ;)
The canonical repository is:
http://lists.w3.org/Archives/Public/public-webapps/2009AprJun/1324.html
The mail-archive.com page inserted additional punctuation that was not
in the original.
--Tyler
On Fri, Jun 26, 2009 at 4:55 PM, Mark Miller<erights at gmail.com> wrote:
> On Fri, Jun 26, 2009 at 4:50 PM, Mark Miller <erights at gmail.com> wrote:
>>
>> The next step on the other face of the CORS controversy -- demonstrating
>> how Origin leads to a second level confused deputy -- has just been posted
>> by Tyler at <http://blog.jclark.com/2009/03/getting-involved-with-m.html>.
>> See the thread starting from there.
>>
>> For those at today's friam meeting, I think this is the same example Tyler
>> talked through verbally and Ihab diagrammed this morning.
>>
>
> Damn! I've had similar copy-paste errors several times lately and none
> before that. I don't know what's up. The link I meant is
> <http://www.mail-archive.com/public-webapps@w3.org/msg04059.html>.
>
> Ironically, this error emphasizes that the accidental leakage issue does
> need to be taken seriously.
>
>
> --
> Text by me above is hereby placed in the public domain
>
> Cheers,
> --MarkM
>
>
> _______________________________________________
> cap-talk mailing list
> cap-talk at mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/cap-talk
>
>
--
"Waterken News: Capability security on the Web"
http://waterken.sourceforge.net/recent.html
More information about the cap-talk
mailing list