I-D Action:draft-abarth-origin-06.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



A New Internet-Draft is available from the on-line Internet-Drafts directories.

	Title           : The Web Origin Concept
	Author(s)       : A. Barth, et al.
	Filename        : draft-abarth-origin-06.txt
	Pages           : 14
	Date            : 2009-11-25

This document defines the concept of an "origin," which is used by
web browsers to isolate content retrieved from different parties.
The origin concept is defined by a "same-origin" relation and a
serialization algorithm.  This document also defines an HTTP Origin
header, which a user agent can use to describe the security contexts
that caused the user agent to initiate an HTTP request.  HTTP servers
can use the Origin header to mitigate against Cross-Site Request
Forgery (CSRF) vulnerabilities.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-abarth-origin-06.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
<ftp://ftp.ietf.org/internet-drafts/draft-abarth-origin-06.txt>
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux