W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2009

ISSUE-90: Exposing more (~infinite) response headers [CORS]

From: Web Applications Working Group Issue Tracker <sysbot+tracker@w3.org>
Date: Tue, 16 Jun 2009 14:18:25 +0000 (GMT)
To: public-webapps@w3.org
Message-Id: <20090616141825.C635C4DD6C@crusher.w3.org>

ISSUE-90: Exposing more (~infinite) response headers [CORS]


Raised by: Anne van Kesteren
On product: CORS



Mark Nottingham comments on the asymmetry of exposing the body of the response but only a tiny subset of the headers. He argues for

 * Expanding this whitelist and
 * Giving responses of resources a way to indicate which headers are ok to expose


 * Turning it into a blacklist

He indicated he was not satisfied deferring this issue to CORS2 and considers it a showstopper for CORS1.
Received on Tuesday, 16 June 2009 14:18:32 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 20 October 2015 13:55:26 UTC