Security/Origin: Difference between revisions

Jump to navigation Jump to search

Security/Origin (view source)

Revision as of 23:56, 20 July 2009

96 bytes removed ,  20 July 2009
m
→‎Selection of "null" token
Line 21: Line 21:


=== Selection of "null" token ===
=== Selection of "null" token ===
TODO: describe why we chose "null" instead of something like "redacted" or "private" or "fail".


In some scenarios, the string "null" is sent in lieu of origin information.  This is done to indicate that the cause of the request is not trustworthy, even though it may come from the same origin.  Certain requests are not generally useful as state-changing triggers (like requests for stylesheets, images or window navigation) and probably should not be trusted even if sent same-origin.
In some scenarios, the string "null" is sent in lieu of origin information.  This is done to indicate that the cause of the request is not trustworthy, even though it may come from the same origin.  Certain requests are not generally useful as state-changing triggers (like requests for stylesheets, images or window navigation) and probably should not be trusted even if sent same-origin.
Sidstamm
canmove, Confirmed users
1,537

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/156417"

Navigation menu