[whatwg] Proposal for cross domain security framework
Frode Børli
frode at seria.no
Fri Jun 20 12:18:52 PDT 2008
> Web applications could still easily ported from one system to the
> other, because the file would be processed transparently.
>
> The only problem I see is getting the allowed domains right, the
> xsocket file can point to. On the one hand, you may want a dedicated
> machine for the persistent connections if you run a very popular
> service and anticipate many connections at once. On the other hand,
> you don't want an evil site getting access to your service using their
> own xsocket file.
All servers that can accept connections must have a xsocket file.
The only way around this that I see is my reverse DNS proposal...
--
Best regards / Med vennlig hilsen
Frode Børli
Seria.no
Mobile:
+47 406 16 637
Company:
+47 216 90 000
Fax:
+47 216 91 000
Think about the environment. Do not print this e-mail unless you really need to.
Tenk miljø. Ikke skriv ut denne e-posten dersom det ikke er nødvendig.
More information about the whatwg
mailing list