Talk:Cross-origin resource sharing
Server Side Control vs. Browser Side Control
The webpage sthFrom1st.html needs to tell the web browser what sites can be deemed as the same origin.
In fact, I think that this is easy to specify. In the html head, we can specify additional domains should be allowed to access. Browsers read these, then the original domain and the additional domains are all deemed to be the same origin. Currently, it is the browser block us. I am at http://1st.com/a.html, then I access http://2nd.com/d.html, with ajax or xmlhttprequest, use firefox, I can clearly see that the remote server returns everything, and everything is good. but the browser does not allow me to access the content.
- This is not the right place for discussing the future of browser technology. I suggest you bring your use case and proposal to the mailing list of the Web Applications Working Group of W3C, where CORS, the specification of Cross Domain control in your terminology and the subject of this entry, is being developed. I'll delete your section for the moment as "we" (and also future stuff) is fairly rare in Wikipedia. — Kennyluck (talk) 22:29, 27 June 2011 (UTC)
URLs in examples
The following URL, used in the "simple example" section, does not follow best standard practice. As per RFC 2606: