On Mon, 4 Feb 2019 at 19:41, Jonas Schäfer <[email protected]> wrote:
> On Sonntag, 3. Februar 2019 18:18:20 CET Tedd Sterr wrote: > > PR #743 - XEP-0156: Add implementation notes suggesting CORS - > > https://github.com/xsf/xeps/pull/743 Dave: +1 (doesn't actually > recommend * > > just uses it as an example, this is equivalent data DNS SRV/TXT records, > so > > I don't see a problem) Georg: [on-list] (CORS headers are a Security, and > > just allowing * is probably a dumb idea) Jonas: [on-list] (because of > what > > Georg said) > > Kev: +1 > > Link: +1 > > I don’t have the web knowledge or the motivation to write out a good > paragraph > which handles this. As a workaround, I’d be fine if one simply deletes the > example and leave the rest as-is. > > Could you articulate what you think the problem with '*' is? > kind regards, > Jonas_______________________________________________ > Standards mailing list > Info: https://mail.jabber.org/mailman/listinfo/standards > Unsubscribe: [email protected] > _______________________________________________ >
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
