7
edits
Changes
→Details
Additionally [http://lists.w3.org/Archives/Public/public-webapi/2006Jun/0012] is a draft spec for how XMLHttpRequest should interact with the access-control spec. This spec describes some headers that should be included when making a cross site request. (Though I personally wonder if this part should be moved into the access-control spec.) It also describes how to deal with http methods other than GET and POST.
What about [http://lxr.mozilla.org/mozilla/source/extensions/webservices/docs/New_Security_Model.html]?
== Suggested Implementation ==
