[p2p-hackers] Re: [rest-discuss] Re: RESTful authorization
Tyler Close
tyler.close at gmail.com
Tue Sep 27 15:08:51 UTC 2005
Hi Justin, coderman,
On 9/27/05, coderman <coderman at gmail.com> wrote:
> On 9/27/05, Justin Chapweske <justin at chapweske.com> wrote:
> > Based on your description, such as a system wouldn't work very well due
> > to leaks from referrers
(snip)
> what would be nice is a simple way to toggle your wiki/site software
> in one of two modes:
> [ ] tell remote hosts my referrer details
> [ ] do not disclose any information about me (referrer) to remote hosts
Which is exactly the formula implemented in web browsers for http vs https.
Web browsers don't leek https URLs in the Referer header.
Tyler
--
The web-calculus is the union of REST and capability-based security:
http://www.waterken.com/dev/Web/
Name your trusted sites to distinguish them from phishing sites.
https://addons.mozilla.org/extensions/moreinfo.php?id=957
More information about the P2p-hackers
mailing list