(last updated 2008-12-05)

Header field names:
Access-Control-Allow-Origin (response header)
Access-Control-Max-Age (response header)
Access-Control-Allow-Credentials (response header)
Access-Control-Allow-Methods (response header)
Access-Control-Allow-Headers (response header)
Origin (request header)
Access-Control-Request-Method (request header)
Access-Control-Request-Headers (request header)

Applicable protocol:
http

Status:
provisional

Author/Change controller:
W3C Web Applications Working Group
http://www.w3.org/2008/webapps/

Specification documents:
http://www.w3.org/TR/access-control/ (Working Draft)
http://dev.w3.org/2006/waf/access-control/ (Editor's draft)


(file created 2008-12-05)