On Thu, Apr 9, 2009 at 8:48 AM, Bil Corry <b...@corry.biz> wrote: > My point is that a robust Origin moves us closer to better security controls, > perhaps not all the way, but certainly much closer than CORS-Origin gets us.
I think we should focus on clear use cases and techniques that address those use cases. For example, Mozilla-Origin is useful for mitigating ClickJacking whereas CORS-Origin is not. Adam
