After renaming the specification I decided to go through the normative parts of the specification again to clean various things up and resolve some outstanding issues. Since the October 6 editor's draft (last relatively stable draft) the following things have changed starting January 14: * The specification was renamed. * Terminology was made more consistent throughout. Cross-site, cross-domain, cross-origin is now all cross-origin, as it should be. * Fixed various examples that still used the old model. * User agents are to lowercase Access-Control-Request-Headers values and sort them. This makes it less likely for authors to depend on behavior of a particular user agent. * A change in HTML 5 resulted in origin being able to serialize to the string "null" again. * The syntax section now has requirements on servers. * The expiry time cache field is now called max age. Cache fields are linked through the document as well. * Parsing of headers by user agents and what to do if parsing failed is now more properly defined. * Non-normative sections and appendices are now clearly marked as such. * I updated the JSONRequest FAQ entry based on comments from DanC in a W3C QA blog post. * The Content-Type header is now always limited for simple requests, not just if the method is POST. * There was a logic error in the cache processing model. * The specification is now more clear on how preflight requests are supposed to work. I.e. when to include Access-Control-Request-Headers and Access-Control-Request-Method. As indicated in the status e-mail more changes are underway based on feedback, but those should not affect implementors. I would appreciated feedback from implementors on the changes and in particular on the wording in the latest draft: http://dev.w3.org/2006/waf/access-control/ -- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>Received on Monday, 9 February 2009 12:58:29 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:06 GMT