19.03.2009, Χ 21:00, Jonas Sicking ΞΑΠΙΣΑΜ(Α): > While I agree that there are other ways of doing this, I think I'd > have a really hard time selling a feature that explicitly allows port > scanning to our security team. Especially when there is an easy > remedy. The price comes mainly in the form of developer time - first, they will be inconvenienced by arbitrary restrictions on when they can install event listeners, and then (but more significantly), they'll have to implement OPTIONS server-side, even if they didn't need it otherwise. There is also some price in performance due to making a preflight request, although I guess it's negligible in cases when upload progress events will be used. Finally, there can potentially be a compatibility problem if some proxy is not configured to pass OPTIONS requests, but I do not have any data on whether that's likely. That said, I don't care too much either way. - WBR, Alexey ProskuryakovReceived on Thursday, 19 March 2009 18:18:33 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:07 GMT