On Thu, Jul 19, 2012 at 4:10 PM, Cameron Jones <cmhjo...@gmail.com> wrote: > Isn't this mitigated by the Origin header?
No. > Also, what about the point that this is unethically pushing the costs > of securing private resources onto public access providers? It is far more unethical to expose a user's private data. -- http://annevankesteren.nl/