Would it be a terrible idea to amend BIP 70 to suggest implementors include
a Access-Control-Allow-Origin: * response header for their payment
request responses? I don't think this opens up any useful attack vectors.
I ask because this would make it practical for pure HTML5 web wallets to
use the
It sounds OK to me, although we should all sleep on it for a bit. The
reason this header exists is exactly because mobile code fetching random
web resources can result in surprising security holes.
That's fair. From the server perspective, I'd argue that payment requests /
payments already
. Get started now for free.
http://p.sf.net/sfu/SauceLabs
___
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development
--
Andy Alness
Software Engineer
Coinbase
San
of the P2P protocol. It seems
reasonable especially for inv messages.
On Tue, May 20, 2014 at 2:46 PM, Andy Alness a...@coinbase.com wrote:
Has there ever been serious discussion on extending the protocol to
support UDP transport? That would allow for NAT traversal and for many
more people to run
://lists.sourceforge.net/lists/listinfo/bitcoin-development
--
Andy Alness
Software Engineer
Coinbase
San Francisco, CA
--
Open source business process management suite built on Java and Eclipse
Turn processes into business
5 matches
Mail list logo