Terri wrote:
> There's a lot of small differences between our proposals,
And some big ones, if (for example) SSP ends up restricted to POST.
> and I'd like
> to point out some differences between our "soma-approval" and your
> "request-source" that are important:
>
> (1) Because the request-sou
[EMAIL PROTECTED] wrote:
> Analyzed, no... but I agree that the Request-Source checks should only
> be made for non-safe methods. The proposal includes that statement,
> though perhaps it could have been made more prominently:
> http://people.mozilla.com/~bsterne/site-security-policy/details.html#
