* Tyler Close wrote: >If Mozilla agrees to implement it, I'd like UMP to specify a new >header named "U" whose value is either "*" or a list of allowed >response headers. A response with this header is opting out of Same >Origin Policy protection for both the response entity and the listed >response headers. The response is not required to also include the >Access-Control-Allow-Origin header, but can for compatibility with >current implementations.
It is unlikely that a header "U" would be met with enthusiasm, as a network administrator would not be able to discern from the name what it is about, or use a search engine to find out about it, without considerable effort at least. -- Björn Höhrmann · mailto:bjo...@hoehrmann.de · http://bjoern.hoehrmann.de Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/