Re: [whatwg/fetch] More wildcards in CORS when used without credentials (#298)

> @@ -3644,6 +3683,18 @@ <h3 id="cors-preflight-fetch"><span class="secno">5.7 </span>CORS-preflight fetc
>     <a href="#concept-network-error" title="concept-network-error">network error</a>.
>  
>     <li><p>If one of <var>request</var>'s
> +   <a href="#concept-request-header-list" title="concept-request-header-list">header list</a>'s
> +   <a href="#concept-header-name" title="concept-header-name">names</a> is a
> +   <a href="#cors-non-wildcard-request-header-name">CORS non-wildcard request-header name</a> and is not in <var>headerNames</var>, then
> +   return a <a href="#concept-network-error" title="concept-network-error">network error</a>.
> +
> +   <li><p>If <var>headerNames</var> contains `<code>*</code>`, then remove all occurances of

Thank you!

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/298/files/487cc8504ec70f4d2a6741f0fd2b494981690ffe#r62496363

Received on Monday, 9 May 2016 13:22:59 UTC