W3C define and structure a client-side documents greater control over who can, and can not, request them via a browser-based request (such as via an Ajax Request ). that W3C framework called W3C Access Control.
Additionally, this access control scheme gives applications the ability to allow for cross-site requests.
Thus one could, theoretically, request a document from google.com, via an XMLHttpRequest in a page on yoursite.com (once the access control points were put in place). This level of control gives content creators greater amounts of flexibility when it comes to allowing their users to build mashups and applications using their information.
“It's not about how to achieve your dreams, it's about how to lead your life, ... If you lead your life the right way, the karma will take care of itself, the dreams will come to you.” ― Randy Pausch, The Last Lecture
Friday, December 12, 2008
what is cross domain XMLHttpRequest (CS-XHR) ?
Labels:
java script,
php,
security,
W3C
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment