On Mon, 01 Feb 2010 03:45:54 +0100, Jonas Sicking <[email protected]> wrote:
On Sun, Jan 31, 2010 at 1:50 PM, Anne van Kesteren <[email protected]>
wrote:
I'm not really convinced we need all of
http://dev.w3.org/2006/waf/UMP/
to handle the simple use case it is for. I think UMP can be layered on
top
of CORS by simply letting the origin be a unique identifier and always
have
the credentials flag be false. A new constructor could be used for
XMLHttpRequest -- maybe called AnonXMLHttpRequest() -- to enable this
behavior.
Since most people in the WG seem to think we should have both UMP and
CORS
this solution seems much more straightforward and practical.
Thoughts?
What do you mean by "unique identifier"?
The same as HTML5? I.e. something that results in Origin: null.
--
Anne van Kesteren
http://annevankesteren.nl/
