%% You should probably cite rfc6454 instead of this I-D.
@techreport{ietf-websec-origin-06,
    number =    {draft-ietf-websec-origin-06},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ietf-websec-origin/06/},
    author =    {Adam Barth},
    title =     {{The Web Origin Concept}},
    pagetotal = 20,
    year =      2011,
    month =     oct,
    day =       3,
    abstract =  {This document defines the concept of an "origin", which is often used as the scope of authority or privilege by user agents. Typically, user agents isolate content retrieved from different origins to prevent malicious web site operators from interfering with the operation of benign web sites. In addition to outlining the principles that underlie the concept of origin, this document details how to determine the origin of a URI and how to serialize an origin into a string. It also defines an HTTP header field, named "Origin", that indicates which origins are associated with an HTTP request. {[}STANDARDS-TRACK{]}},
}