X-RequestOrigin
The XWT Foundation
Macromedia Corporation
Security policies are often implemented by network intermediaries such as routers and proxies. These intermediaries are unable to distinguish between requests from requests initiated by a user and requests initiated by untrusted mobile code running on the user's machine. This document describes the X-RequestOrigin hop-by-hop HTTP header, which an HTTP client uses to allow intermediate proxies to make this distinction.