A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : The Web Origin Concept
Author(s) : A. Barth, et al.
Filename : draft-abarth-origin-06.txt
Pages : 14
Date : 2009-11-25
This document defines the concept of an "origin," which is used by
web browsers to isolate content retrieved from different parties.
The origin concept is defined by a "same-origin" relation and a
serialization algorithm. This document also defines an HTTP Origin
header, which a user agent can use to describe the security contexts
that caused the user agent to initiate an HTTP request. HTTP servers
can use the Origin header to mitigate against Cross-Site Request
Forgery (CSRF) vulnerabilities.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-abarth-origin-06.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-abarth-origin-06.txt>
-
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt