W3C home > Mailing lists > Public > public-webapps@w3.org > July to September 2008

Re: [AC] Access-Control-Allow-Origin header syntax

From: Anne van Kesteren <annevk@opera.com>
Date: Thu, 25 Sep 2008 21:35:28 +0200
To: "Jonas Sicking" <jonas@sicking.cc>, public-webapps <public-webapps@w3.org>
Message-ID: <op.uh1x1exe64w2qv@annevk-t60.oslo.opera.com>

On Thu, 25 Sep 2008 21:26:05 +0200, Jonas Sicking <jonas@sicking.cc> wrote:
> However I think that if we are using URI syntax for these headers we
> should treat them as URIs and not as opaque strings. Everywhere else
> in the product URIs are parsed and canonicalized before being
> compared. We specifically do not use string comparisons. I think for
> the sake of consistency with the rest of the web platform we should do
> the same here, anything else is just unexpected behavior.

The point is actually that the header does _not_ take a URI. It did at  
some point, but you didn't like that. It takes the ASCII form of an origin  
instead, identically to The Web Socket Protocol in HTML 5.


-- 
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>
Received on Thursday, 25 September 2008 19:36:18 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:27 GMT