[webkit-dev] Allowing webkit clients to extend XHR security policy
Alexey Proskuryakov
ap at webkit.org
Thu Apr 9 21:03:42 PDT 2009
On 09.04.2009, at 22:38, Aaron Boodman wrote:
> The local scheme feature is actually more powerful than just XHR
If you only need extensions to do XHR, why not just make them use
cross-origin XHR? That way, the extension won't even need to declare
the origins it's going to access - all checks will be server-side, as
with normal cross-origin XHR.
- WBR, Alexey Proskuryakov
More information about the webkit-dev
mailing list