Hi Maciej, > > Read <from> > If the <from> resource is owned by the domain specified by Origin, return > the data. > ..... > CrossDomainCopy <from-domain> <from-resource> <read-token> <to-domain> > <to-resource> <write-token>
I don't understand the aim of the whole protocol you have outlined above. Are you saying CORS should be rewritten to directly support such a design ? or Is this a design pattern you are recommending (for use with CORS) ? If the latter, do you honestly expect web developers to read and understand all that ? Or have I missed the point completely ? Cheers Devdatta
