[whatwg] Proposal for cross domain security framework

Frode Børli frode at seria.no
Fri Jun 20 12:18:52 PDT 2008

> Web applications could still easily ported from one system to the
> other, because the file would be processed transparently.
> The only problem I see is getting the allowed domains right, the
> xsocket file can point to. On the one hand, you may want a dedicated
> machine for the persistent connections if you run a very popular
> service and anticipate many connections at once. On the other hand,
> you don't want an evil site getting access to your service using their
> own xsocket file.

All servers that can accept connections must have a xsocket file.

The only way around this that I see is my reverse DNS proposal...

Best regards / Med vennlig hilsen
Frode Børli

+47 406 16 637
+47 216 90 000
+47 216 91 000

Think about the environment. Do not print this e-mail unless you really need to.

Tenk miljø. Ikke skriv ut denne e-posten dersom det ikke er nødvendig.

More information about the whatwg mailing list