Jonas,
Let me circle back to the top now and see if I can play this back.
1. Of course, when writing a server, it's up to me to implement access
control decisions.
2. To protect a plethora of poorly-protected servers out there, CORS
puts an additional level of access control in clients.
3. To
On Fri, Dec 2, 2011 at 5:29 AM, Benson Margulies bimargul...@gmail.com wrote:
Jonas,
Let me circle back to the top now and see if I can play this back.
1. Of course, when writing a server, it's up to me to implement access
control decisions.
2. To protect a plethora of poorly-protected
There's a problem with REST-ful services, as exemplified by the JAX-RS
standard, and CORS as drafted.
A JAX-RS server names a resource, in part, via the content-type of a
request. A POST with content-type of application/json names a
different resource (in as much as it selects a different method
On 2011-12-01 21:20, Benson Margulies wrote:
There's a problem with REST-ful services, as exemplified by the JAX-RS
standard, and CORS as drafted.
A JAX-RS server names a resource, in part, via the content-type of a
request. A POST with content-type of application/json names a
different
Let me try to present this more clearly.
First of all, I did not design or implement JAX-RS itself. The
committee that designed it might have done something wrong in their
dispatching approach. However, *I* am merely working on implementing a
facility for the resource side of CORS in a JAX-RS
On 2011-12-02 00:11, Benson Margulies wrote:
Let me try to present this more clearly.
First of all, I did not design or implement JAX-RS itself. The
committee that designed it might have done something wrong in their
dispatching approach. However, *I* am merely working on implementing a
On Thu, Dec 1, 2011 at 12:20 PM, Benson Margulies bimargul...@gmail.com wrote:
There's a problem with REST-ful services, as exemplified by the JAX-RS
standard, and CORS as drafted.
A JAX-RS server names a resource, in part, via the content-type of a
request. A POST with content-type of
On Thu, Dec 1, 2011 at 6:53 PM, Jonas Sicking jo...@sicking.cc wrote:
On Thu, Dec 1, 2011 at 12:20 PM, Benson Margulies bimargul...@gmail.com
wrote:
There's a problem with REST-ful services, as exemplified by the JAX-RS
standard, and CORS as drafted.
A JAX-RS server names a resource, in
On Thu, Dec 1, 2011 at 4:14 PM, Benson Margulies bimargul...@gmail.com wrote:
On Thu, Dec 1, 2011 at 6:53 PM, Jonas Sicking jo...@sicking.cc wrote:
On Thu, Dec 1, 2011 at 12:20 PM, Benson Margulies bimargul...@gmail.com
wrote:
There's a problem with REST-ful services, as exemplified by the
