W3C home > Mailing lists > Public > public-web-perf@w3.org > January 2014

[beacon] CORS and Credentials questions.

From: <doug.turner@gmail.com>
Date: Tue, 7 Jan 2014 18:53:17 -0800
Message-Id: <5470CA8C-33E6-46A4-A47E-94E2CFD8046C@gmail.com>
Cc: Jonas Sicking <sicking@mozilla.com>
To: public-web-perf <public-web-perf@w3.org>

1) When using beacon against a cross origin, is it clear that we might need to do a preflight for content types that are not specified by CORS?  For example, if you send a ArrayBuffer, we are probably going to need to preflight.  This is clear when reading the CORS spec, but it isnít obviously clear from the beacon spec that there might be two http requests for a beacon ó one for the OPTIONS and one for the POST.  I am not sure if we can or should relax this or not.  Maybe we should be more explicit about which mime types in the beacon specification donít cause the OPTIONS request.

2) In XHR, you can specify if cookies are sent to the cross origin server with withCredentials.  What is the thinking we should do with beacon?  Do we default to sending cookies?

Doug Turner
Received on Wednesday, 8 January 2014 02:53:48 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:04:38 UTC