The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 |
Newsgroups: mozilla.dev.planning
From: Daniel Veditz <dved...@mozilla.com>
Date: Fri, 12 Jun 2009 16:31:20 -0700
Local: Fri, Jun 12 2009 7:31 pm
Subject: Re: bugzilla.mozilla.org improvements
Andrew Sutherland wrote: As long as it's only returning public data (i.e. XS-XHR without cookies) > 1: Grepping bugzilla trunk, I saw no mention of the > Access-Control-Allow-Origin header that would allow cross-site XHR in FF > 3.5, and a quick check against bmo using "wget --server-response" did > not show the header being introduced by the server either. Just having > the server enable the header is probably a very wrong thing because of > the potential horrible cross-site hacks. I don't see what would be wrong about enabling this. Would not help me in particular because I deal with a lot of bugs that are restricted to groups, but could be useful for a lot of other things. Allowing bugzilla installations to specify "trusted servers" for more You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
| |||||||||||||