Specifications/Cross Domain Access Policies: Difference between revisions

Jump to navigation Jump to search

Specifications/Cross Domain Access Policies (view source)

Revision as of 04:32, 25 May 2005

592 bytes added ,  25 May 2005
Cross domain and XForms/Web Forms 2.0
(subdirectory, not subdomain doofus.)
(Cross domain and XForms/Web Forms 2.0)
Line 12: Line 12:


The goal of this document is to standardize these two approaches into a more generic model so that it can cover more use cases.
The goal of this document is to standardize these two approaches into a more generic model so that it can cover more use cases.
It is also important to note that this does not only apply to "scripting" languages.  For example, [http://www.w3.org/MarkUp/Forms/ W3C's XForms] allows sending and/or retrieving of XML without any scripting.  Even just being able to send a SOAP request (which can be construted in XForms) cross-domain may be unsecure if the service does not expect being called from outside the firewall.  [http://whatwg.org/specs/web-forms/current-work/ Web Forms 2.0] from the [http://whatwg.org WHATWG] allows sending of XML in a restricted fashion, which for example won't allow faking a SOAP request.


== Controlling Cross-Domain Access on the Server ==
== Controlling Cross-Domain Access on the Server ==
Doron
43

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/21030"

Navigation menu