W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2011

Re: [cors] Failed sharing check and cookies

From: Anne van Kesteren <annevk@opera.com>
Date: Tue, 11 Oct 2011 14:07:40 +0900
To: "WebApps WG" <public-webapps@w3.org>
Message-ID: <op.v258i2zn64w2qv@annevk-macbookpro.local>
On Tue, 11 Oct 2011 13:20:40 +0900, Anne van Kesteren <annevk@opera.com>  
> If you do <img crossorigin> from A to B, and a resource sharing check  
> for B fails, cookies must not be set (per my reading of the HTML  
> specification).

My reading is wrong. Once HTML discards the resource the cookies have  
already been set. We could still decide to change this of course, but it  
does seem like HTML and XMLHttpRequest are consistent here. (Although some  
clarification in wording could be in order given the apparent confusion.)

Anne van Kesteren
Received on Tuesday, 11 October 2011 05:08:17 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:36 UTC