Thomas Roessler wrote:
On 2007-07-05 15:16:34 -0700, Jonas Sicking wrote:This is not the case in our spec, if the author misses adding example.com to Content-Access-Control: deny <*.evil.com> very bad things can happen.I guess that demonstrates why the deny tag isn't that good an idea in the first place.
sigh, keeping saying that without coming up with an alternative seems very unproductive.
/ Jonas
