- From: Ethan <notifications@github.com>
- Date: Thu, 30 Aug 2018 09:38:47 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 30 August 2018 16:39:09 UTC
> It should be trivial for any server to configure Access-Control-Expose-Headers: link, no? Yes, it's reasonably trivial. And, as I think about this more, I realize the change I proposed doesn't really make sense, in that it doesn't make the platform as a whole any simpler. I think my motivation for raising this was that having to add `Access-Control-Expose-Headers` is just one more thing for normal devs to have to know about and do as they're trying to accomplish something that seems like it should be simple/automatic. That's really a critique against CORS in general, though, and it's probably better solved in a more holistic way than patching some header whitelist (if it's even possible to solve at all given web compat constraints). -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/805#issuecomment-417385193
Received on Thursday, 30 August 2018 16:39:09 UTC