W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2011

Re: [cors] Failed sharing check and cookies

From: Anne van Kesteren <annevk@opera.com>
Date: Tue, 11 Oct 2011 14:07:40 +0900
To: "WebApps WG" <public-webapps@w3.org>
Message-ID: <op.v258i2zn64w2qv@annevk-macbookpro.local>
On Tue, 11 Oct 2011 13:20:40 +0900, Anne van Kesteren <annevk@opera.com>  
wrote:
> If you do <img crossorigin> from A to B, and a resource sharing check  
> for B fails, cookies must not be set (per my reading of the HTML  
> specification).

My reading is wrong. Once HTML discards the resource the cookies have  
already been set. We could still decide to change this of course, but it  
does seem like HTML and XMLHttpRequest are consistent here. (Although some  
clarification in wording could be in order given the apparent confusion.)


-- 
Anne van Kesteren
http://annevankesteren.nl/
Received on Tuesday, 11 October 2011 05:08:17 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:48 GMT