W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2011

Re: [cors] 7.2 seems to make * unusable

From: Boris Zbarsky <bzbarsky@MIT.EDU>
Date: Sat, 03 Dec 2011 20:38:37 -0500
Message-ID: <4EDACF1D.3000209@mit.edu>
To: public-webapps@w3.org
On 12/3/11 7:55 PM, Benson Margulies wrote:
> 7.2.2 says that if the response is "*" and credentials are off, we
> fail.

The text I'm looking at right now is:

   If the Access-Control-Allow-Origin header value is the literal "*"
   character and the credentials flag is false return pass and terminate
   this algorithm.

The key part being "return pass", no?

-Boris
Received on Sunday, 4 December 2011 01:39:05 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:49 GMT