- From: Anne van Kesteren <annevk@opera.com>
- Date: Tue, 17 Nov 2009 11:14:27 +0100
- To: robert@ocallahan.org, public-webapps@w3.org
On Tue, 17 Nov 2009 01:45:53 +0100, Robert O'Callahan <robert@ocallahan.org> wrote: > This suggests that the client should expect --- and the server should > send --- CORS headers such as Access-Control-Allow-Origin:* in HTTP error > responses for "public" resources. Does that make sense? The spec seems > to be silent on the issue. That's exactly what should happen, yes. The specification is status code agnostic apart from redirects. Anything I can do that makes that more clear? -- Anne van Kesteren http://annevankesteren.nl/
Received on Tuesday, 17 November 2009 10:15:10 UTC