W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2009

Re: CORS and HTTP error responses

From: Anne van Kesteren <annevk@opera.com>
Date: Tue, 17 Nov 2009 11:14:27 +0100
To: robert@ocallahan.org, public-webapps@w3.org
Message-ID: <op.u3jaqd1864w2qv@anne-van-kesterens-macbook.local>
On Tue, 17 Nov 2009 01:45:53 +0100, Robert O'Callahan  
<robert@ocallahan.org> wrote:
> This suggests that the client should expect --- and the server should  
> send --- CORS headers such as Access-Control-Allow-Origin:* in HTTP error
> responses for "public" resources. Does that make sense? The spec seems  
> to be silent on the issue.

That's exactly what should happen, yes. The specification is status code  
agnostic apart from redirects. Anything I can do that makes that more  

Anne van Kesteren
Received on Tuesday, 17 November 2009 10:15:10 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:20 UTC