W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2012

[CORS] Applying preflight cache to an entire domain?

From: Monsur Hossain <monsur@gmail.com>
Date: Tue, 17 Apr 2012 16:35:16 -0500
Message-ID: <CAKSyWQ=CGbzS1wE73gcZBbhMD-khc++rc0H3bxPFwKVaOW2NDQ@mail.gmail.com>
To: public-webapps@w3.org
Hi there. The CORS spec currently indicates that the preflight cache should
store preflight responses for a particular origin/request url pair. That
means that multiple requests to different urls on the same domain will
always trigger a preflight, even if the preflight response is exactly the
same for those urls. If a server only accepts a set of well defined http
methods and http headers, then issuing the preflight on different requests
is redundant.

I was wondering if there could be a way for the server to indicate what
scope the preflight applies to? For example, the default could still be to
cache per origin/request-url, but maybe the server could set a special
"Access-Control-Max-Age-Scope: domain" response header to indicate that the
preflight response can be used for any request to the domain. Has anything
like this been considered?

Thanks,
Monsur
Received on Wednesday, 18 April 2012 12:04:06 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:51 GMT