W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2009

Re: Comments on the HTTP Sec-From Header (draft-abarth-origin)

From: Anne van Kesteren <annevk@opera.com>
Date: Wed, 12 Aug 2009 18:11:20 +0200
To: "Adam Barth" <w3c@adambarth.com>, "Mark Nottingham" <mnot@mnot.net>
Cc: "Ian Hickson" <ian@hixie.ch>, "collinj@cs.stanford.edu" <collinj@cs.stanford.edu>, "HTTP Working Group" <ietf-http-wg@w3.org>
Message-ID: <op.uyj4k60564w2qv@annevk-t60>
On Thu, 23 Jul 2009 04:21:41 +0200, Adam Barth <w3c@adambarth.com> wrote:
> I wonder if this syntax would work for CORS too?  We can take the
> discussion to web-apps if you like, but the idea is if you get a
> redirect (e.g., of a DELETE), then you can add a second Origin header
> to the request instead of modifying the existing header.

Yeah, what is needed is more discussion of this email:

  http://www.w3.org/mid/op.uvmhixlr64w2qv@annevk-t60

If someone helps me figure out what changes we want to make to how CORS deals with redirects we can definitely merge the two headers again.


-- 
Anne van Kesteren
http://annevankesteren.nl/
Received on Wednesday, 12 August 2009 16:12:23 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:08 GMT