The XHR spec doesn't define same-origin. We had a webkit bug filed
differently where we apparently interpreted same-origin differently
than IE or Firefox: <http://bugs.webkit.org/show_bug.cgi?id=15100>
In particular, we would not consider https://example.com:443/ to be
the same origin as https://example.com/.
Since this affects interoperability as well as security I would
suggest adding a definition, unless the spec expected to define same-
origin is going to happen soon.
Regards,
Maciej
- XHR: definition of same-origin Maciej Stachowiak
-
