Re: adding Access-Control-Allow-Local to CORS

On Wed, Mar 5, 2014, at 1:38, Mountie Lee wrote:
> let me propose "Access-Control-Allow-Local" to CORS.
> 
> current CORS spec is defined for remote resources.
> 
> but some local resources like localStorage, IndexedDB are bound to
> specific
> origin
> even by considering Web Messaging technology or cloning of objects,
> still I think we need additional control for local resources.
> 
> my suggestion is
> 
> Access-Control-Allow-Local: "Access-Control-Allow-Local" ":" (Resource
> Name)
> 
> any comment?

What parts are you not able to share using postMessage, you say? I'm not
sure I follow why you'd need this?

http://www.whatwg.org/specs/web-apps/current-work/multipage/web-messaging.html
-- 
  Odin Hørthe Omdal
  odinho@opera.com

Received on Saturday, 8 March 2014 00:14:40 UTC