[whatwg] Cross Domain Policies

Doron Rosenberg doronr at gmail.com
Sat Jul 24 09:05:03 PDT 2004


Back at Netscape, when we were working on Mozilla's web services
support, we introduced a security model where a web services hosting
domain can allow cross domain calls to it, controlled via an XML file
(read more at http://lxr.mozilla.org/mozilla/source/extensions/webservices/docs/New_Security_Model.html).

Macromedia introduced a similar model (different file name and syntax
though) into Flash
(http://www.macromedia.com/support/flash/ts/documents/loadvars_security.htm).

Would the WhatWG be the right place to standardize this?  It could be
made more generic than just Web Services,



More information about the whatwg mailing list