Re: Widgets 1.0 Packaging and Configuration: I18N comments...

2009-04-08 Thread timeless
hey, both of your messages were marked by gmail as phishing (they claim the sender isn't who it appeared to be). Is this normal? Is it because of the mailing list? This means that people like me might not have seen either message.

Re: [cors] security issue with XMLHttpRequest API compatibility

2009-04-08 Thread Thomas Roessler
On 8 Apr 2009, at 02:29, Jonas Sicking wrote: But it's for a limited time. In a few years hopefully all browsers support cross site XHR. And if you can already today follow the advice that you should not rely on XHR not honoring your request just because it's a cross site URI. You are

[widget-digsig] Pls review: Additional considerations on elliptic curve algorithms to consider

2009-04-08 Thread Frederick Hirsch
The XML Security WG would like to refine the question about the suitability of elliptic curve as a mandatory to implement algorithm for XML Signature 1.1 by highlighting that the scope of elliptic curve is greatly limited in what is proposed to be mandatory in XML Signature 1.1. As

Re: [widgets] dropping Asynchronous HTTP Requests and Storage

2009-04-08 Thread Arthur Barstow
On Apr 6, 2009, at 6:46 AM, ext Marcos Caceres wrote: I had a discussion with Anne on IRC about using the Storage interface and XHR [1]. He recommended that we recommend support for Storage only on user agents that support HTML5. With regards to XHR, the same applies: it would be a property of

Re: [widgets] Zip endian issue?

2009-04-08 Thread Marcos Caceres
On Fri, Apr 3, 2009 at 11:17 AM, jere.kapy...@nokia.com wrote: Well, the ZIP file specification does say that all values are stored in little-endian byte order unless otherwise specified. The local file header signature is the four bytes 50 4B 03 04, in this order, always. Endianness is not

Re: Reminder: January 31 comment deadline for LCWD of Widgets 1.0: Packaging Configuration spec

2009-04-08 Thread Marcos Caceres
Hi Rainer, On Mon, Mar 2, 2009 at 2:56 PM, Hillebrand, Rainer rainer.hillebr...@t-mobile.net wrote: RH: I would recommend not to standardize a base security policy for all markets in the world. It would take too long. However, we might want to discuss for Widgets 2.0 whether we would try

Re: Do we need to rename the Origin header?

2009-04-08 Thread Bil Corry
Adam Barth wrote on 4/7/2009 4:36 PM: HTML5: http://www.whatwg.org/specs/web-apps/current-work/multipage/history.html#navigate-fragid-step Barth: http://www.ietf.org/internet-drafts/draft-abarth-origin-00.txt These two, at least, are the same. We separated the XXX-Origin

Re: Do we need to rename the Origin header?

2009-04-08 Thread Adam Barth
On Wed, Apr 8, 2009 at 10:34 AM, Bil Corry b...@corry.biz wrote: Is draft-abarth-origin-00.txt entirely compatible now with CORS-Origin? Yes, as far as I know. If you find any incompatibility, please let me know and I'll fix it. Adam

Re: [cors] security issue with XMLHttpRequest API compatibility

2009-04-08 Thread Jonas Sicking
On Wed, Apr 8, 2009 at 2:23 AM, Thomas Roessler t...@w3.org wrote: Incidentally, just framing this as XHR vs XDR is a bit simplistic: E.g., one could imagine a method enableCrossSiteRequests (or something like that) which needs to be invoked before XHR can do cross site requests. Oh, indeed.

Web Storage SQL

2009-04-08 Thread Vladimir Vukicevic
(I originally blogged this at http://blog.vlad1.com/2009/04/06/html5-web-storage-and-sql/, but Hixie rightfully pointed out that I should post it here for discussion -- doing so! Blog post is copied pretty much verbatim below, so apologies if it sounds more blog-y than post-y.) There's been

Re: Do we need to rename the Origin header?

2009-04-08 Thread Bil Corry
Adam Barth wrote on 4/9/2009 12:21 AM: On Wed, Apr 8, 2009 at 10:09 PM, Bil Corry b...@corry.biz wrote: Using the above scenario, if Origin was populated and sent for all same-origin requests (including GET), the website could simply redirect any request for any protected resource that