W3C home > Mailing lists > Public > public-webapps@w3.org > July to September 2008

Re: [AC] Access-Control-Allow-Origin header syntax

From: Anne van Kesteren <annevk@opera.com>
Date: Thu, 25 Sep 2008 21:35:28 +0200
To: "Jonas Sicking" <jonas@sicking.cc>, public-webapps <public-webapps@w3.org>
Message-ID: <op.uh1x1exe64w2qv@annevk-t60.oslo.opera.com>

On Thu, 25 Sep 2008 21:26:05 +0200, Jonas Sicking <jonas@sicking.cc> wrote:
> However I think that if we are using URI syntax for these headers we
> should treat them as URIs and not as opaque strings. Everywhere else
> in the product URIs are parsed and canonicalized before being
> compared. We specifically do not use string comparisons. I think for
> the sake of consistency with the rest of the web platform we should do
> the same here, anything else is just unexpected behavior.

The point is actually that the header does _not_ take a URI. It did at  
some point, but you didn't like that. It takes the ASCII form of an origin  
instead, identically to The Web Socket Protocol in HTML 5.

Anne van Kesteren
Received on Thursday, 25 September 2008 19:36:18 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:12 UTC