(added IDN) |
("to" attribute) |
||
| Line 32: | Line 32: | ||
=== Whitelisting === | === Whitelisting === | ||
The policy file works like a whitelist. It lists which outside domains have access to web | The policy file works like a whitelist. It lists which outside domains have access to web services on this domain and what types of services they may consume. The '''allow''' element is used for this, and the domain is specified in its '''from''' attribute. Full domains may be used, such as <tt><nowiki>www.foo.com</nowiki></tt>, or wildcarded ones such as <tt><nowiki>*.foo.com</nowiki></tt>, or even just <tt><nowiki>*</nowiki></tt> to allow any domain. If no '''from''' attribute is set, then any domain is allowed. If the implementor is [http://www.ietf.org/html.charters/idn-charter.html IDN] aware, then the '''from''' attribute should be IDN aware as well. | ||
For enhanced security, the '''allow''' element can also specify which subdirectory on the current domain this rule applies to, using the '''to''' attribute. So if '''to''' is set to <tt><nowiki>service/</nowiki></tt>, then that rule only applies for services located in that directory. | |||
=== Types of Services === | === Types of Services === | ||
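Review bot: the added "to" paragraph does not define how the path is matched, so implementors can read the same rule differently. It should state whether "service/" is resolved relative to the domain root, whether the rule also covers nested subdirectories, whether the comparison is made after path normalization (dot segments, percent-encoding, case), and what scope a rule has when "to" is omitted. The preceding paragraph makes a missing "from" mean any domain is allowed, so the text should also say explicitly what a rule with neither attribute permits.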