W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2011

[cors] what's an example a simple request with credentials?

From: Benson Margulies <bimargulies@gmail.com>
Date: Fri, 23 Dec 2011 11:03:25 -0500
Message-ID: <CALhtWke7pRCEo7Y5ipAt4sCjUGwzjm5f8tn8jB14QSaVFFhyaQ@mail.gmail.com>
To: public-webapps@w3.org
I am failing to come up with a sequence of calls to XMLHttpRequest
that will trigger credential processing while remaining a simple
request. Explicit credentials passed to open() are prohibited for all
cross-origin requests, and url-embedded credentials seem to trigger
the same prohibition. An Authorization header is non-simple.
Certificates would be rather gigantically difficult in the testing
environment I'm working with. There's talk of cookies, but those would
also make the request non-simple, wouldn't they?
Received on Friday, 23 December 2011 16:04:00 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:37 UTC