Doc for use of SELF token in ABE
Posted: Wed Jul 01, 2009 5:02 pm
by diablodale
Hello. I read the 0.5 abe rules spec, searched for "abe self" here and the two pages linked from noscript. Still looking for this answer.
What is the behavior of SELF? I see it used in two ways and wonder if a third exists?
1. What does it mean to put SELF before a resource versus SELF alone? For example:
Code:
Site *.somesite.com
Accept POST SUBDOC from SELF https://secure.somesite.com
** or **
Site www.somesite.com/logout
Accept GET POST from SELF
2. Can I write the following and it mean 'allows all behavior from *.eye.fi to my local computer'
Code:
Site SELF
Accept ALL from *.eye.fi
Re: Doc for use of SELF token in ABE
Posted: Wed Jul 01, 2009 6:00 pm
by Giorgio Maone
SELF designates "the same sites as the destination", and it makes sense only in a from clause.
For instance,
Code:
Site https://mail.myorganization.com https://private.myorganization.com
Accept from SELF
Deny
means that my mail server and my "private" server will accept requests from themselves only (i.e. will not allow other sites to link them for CSRF).
Code:
Site *.somesite.com
Accept POST SUB from SELF https://secure.somesite.com
Deny
means that every subdomain of somesite.com (*.somesite.com) accepts POST and framed requests from themselves and https://secure.somesite.com, i.e.
http://www.somesite.com >>> http://www.somesite.com is OK,
https://secure.somesite.com >>> http://www.somesite.com is OK, but
http://mail.somesite.com >>> http://www.somesite.com will fail just like
http://evil.com >>> http://www.somesite.com.
Code:
Can I write the following and it mean 'allows all behavior from *.eye.fi to my local computer
Your local computer and LAN is conveniently represented by the LOCAL placeholder.
However if you've got no web application running there it doesn't make much sense:
means that web applications running inside your LAN (including your own computer) will accept all kinds of HTTP requests originated from *.eye.fi web pages.
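
A small Python model of the second ruleset in the reply above, added here as an illustration; it is not part of the thread and not NoScript's own code. It assumes first-match evaluation of predicates and compares sites by scheme and host only, and the names `RULESET`, `site_of`, `matches`, `origin_matches` and `evaluate` are hypothetical.

```python
from fnmatch import fnmatch
from urllib.parse import urlsplit

# Constructed model of the "*.somesite.com" ruleset quoted in the reply.
RULESET = {
    "site": ["*.somesite.com"],
    "predicates": [
        ("Accept", {"POST", "SUB"}, ["SELF", "https://secure.somesite.com"]),
        ("Deny", None, None),  # bare Deny: any method, any origin
    ],
}

def site_of(url):
    """Reduce a URL to (scheme, host); this model ignores port and path."""
    parts = urlsplit(url)
    return parts.scheme, (parts.hostname or "")

def matches(pattern, url):
    """Glob patterns match on host only; full URLs match on scheme + host."""
    if "://" in pattern:
        return site_of(pattern) == site_of(url)
    return fnmatch(site_of(url)[1], pattern)

def origin_matches(resource, origin, destination):
    if resource == "SELF":
        # Assumption taken from the flows in the post: SELF means the origin
        # is the same site as the destination, so a sibling subdomain such as
        # mail.somesite.com is not SELF for www.somesite.com.
        return site_of(origin) == site_of(destination)
    return matches(resource, origin)

def evaluate(ruleset, method, origin, destination):
    """Return the first matching action, or None if the ruleset does not apply."""
    if not any(matches(p, destination) for p in ruleset["site"]):
        return None
    for action, methods, origins in ruleset["predicates"]:
        if methods is not None and method not in methods:
            continue  # predicate is restricted to other methods
        if origins is None or any(
            origin_matches(r, origin, destination) for r in origins
        ):
            return action
    return None
```

Evaluating the four POST flows listed in the reply with `evaluate(RULESET, "POST", origin, destination)` gives Accept for the first two and Deny for the last two.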
Re: Doc for use of SELF token in ABE
Posted: Wed Jul 01, 2009 6:37 pm
by diablodale
Thank you. That all makes sense and is clear.