David,
Thanks for the comments. I agree we need to be careful not to break
existing security
assumptions. One general point I'd make though is if CORS is to be the
standard for cross-origin
web clients built using Javascript, then why would we not allow Java
based clients interact with
server
On 04/11/2013 04:23 PM, mark.reinh...@oracle.com wrote:
Posted: http://openjdk.java.net/jeps/183
I have a few comments/random thoughts about this. It says:
Security: Will need to be reviewed carefully since this feature does relax the
network security model in two ways:
No explicit network
Posted: http://openjdk.java.net/jeps/183
- Mark
