- From: Ruben Verborgh <ruben.verborgh@ugent.be>
- Date: Thu, 24 Jul 2014 09:34:13 +0200
- To: Markus Lanthaler <markus.lanthaler@gmx.net>
- Cc: public-hydra@w3.org
> The MUST RFC2616 statement could be left out in any case. If HTTP URLs are used, a conformant server has obviously to conform to the HTTP specs. Using the same reasoning, other normative statements in section 4 should be dropped (or at least made non-normative to prevent duplication of normative statements). Agree. Following up on this in https://github.com/HydraCG/Specifications/issues/63 > It is indeed and most of the things are already covered by the HTTP spec. Other things such as the > > ... a server SHOULD return a triple-based representation instead of > sending a response with status code 406 Not Acceptable > > statement do not improve interoperability beyond what HTTP already does. Well, it says the default should be sending a 406, which is stronger than wat RFC7231 says. But I could just leave it out. > You mean Vary: Origin, right? Err… yes. > In the request it will be Origin: D1... Access-Control-Allow-Origin: D1 is in the response. Yes I messed them up. > Access-Control-Allow-Origin is not about authentication… Oh yes, it can be: "only Web applications on domain D1 can access this API". It's primitive, but effective for browsers (only). Best, Ruben
Received on Thursday, 24 July 2014 07:34:48 UTC