The W3C Voice Browser, Web APIs,
and Web Application Formats (WAF) Working Groups have posted a new working
draft of Access Control for Cross-site Requests.
According to the draft, "This document defines a mechanism to enable client-side cross-site
requests. Specifications that want to enable cross-site requests in an API
they define can use the algorithms defined by this specification. If such
an API is used on http://example.org resources, a resource on
http://hello-world.example can opt in using the mechanism
described by this specification (e.g., specifying
Access-Control-Allow-Origin: http://example.org as response
header), which would allow that resource to be fetched cross-site from
http://example.org."
