[Webkit-unassigned] [Bug 110880] Cross-origin XSLT requests with CORS should be allowed
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Feb 27 07:56:57 PST 2013
https://bugs.webkit.org/show_bug.cgi?id=110880
--- Comment #4 from Adam Barth <abarth at webkit.org> 2013-02-27 07:59:20 PST ---
The short answer is yes, though. We can use CORS to let web sites open into allowing this behavior. I'd have to look at the security issue again to remember exactly which resources need to supply CORS headers.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list