Good to know, thank you.
On Fri, Jul 22, 2011 at 5:55 AM, Dave Cridland <dave(_at_)cridland(_dot_)net>
wrote:
On Fri Jul 22 03:24:41 2011, David Endicott wrote:
there are added inefficiencies. Also the name resolution of the HTTP
that
serves the Javascript that opens the WS should remain constant. If WS
resolves the host/domain to a different address than the HTTP it was
spawned
from, it becomes a method to bypass same-origin / CORS restrictions.
That's an unfortunate misunderstanding.
All protocols that use SRV records maintain the target domain.
So a ws://example.com/xyz would still send a Host header of "example.com",
whether SRV or not, so there is no impact on same origin policy, CORS, etc.
Dave.
--
Dave Cridland - mailto:dave(_at_)cridland(_dot_)net -
xmpp:dwd(_at_)dave(_dot_)cridland(_dot_)net
-
acap://acap.dave.cridland.net/**byowner/user/dwd/bookmarks/<http://acap.dave.cridland.net/byowner/user/dwd/bookmarks/>
- http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf