- From: Takeshi Yoshino <notifications@github.com>
- Date: Wed, 20 Jul 2016 03:39:25 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
Received on Wednesday, 20 July 2016 10:40:12 UTC
Hmm, okay. I can live with having to specify the parameters in detail. - Shall we require the Origin-Wide-CORS descriptor to be communicated only over a preflight response? I.e. the first non-simple request to an origin X. This would require people to implement preflight correctly. - Shall we allow only the query part to be wildcarded? I'm checking with wenbozhu and not yet sure if it works for him. But limiting wildcard functionality would reduce risk of misconfiguration - Shall we give the authority to specify the Origin-Wide-CORS only to "/"? I've updated https://github.com/tyoshino/origin-wide-cors/blob/master/README.md accordingly. I've incorporated roryheiwitt's points and made it communicate the Origin-Wide settings over headers. Not involving any more separate fetching is basically good for reducing implementation complexity. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/210#issuecomment-233914372
Received on Wednesday, 20 July 2016 10:40:12 UTC