On Tue, May 8, 2012 at 9:34 PM, Ian Melven <imelven@mozilla.com> wrote: > i'd like to propose that the Do Not Track header (see http://www.w3.org/TR/tracking-dnt/#dnt-header-field) "DNT" > be added to the list of request headers not allowed to be set via XHR's setRequestHeader method (see > http://dvcs.w3.org/hg/xhr/raw-file/tip/Overview.html#the-setrequestheader%28%29-method) Done: http://dvcs.w3.org/hg/xhr/rev/a4a35861a49d > there is an additional question of whether a user's Do Not Track setting in the user agent should > also be added to requests made by XHR - the DNT spec says "A user agent must send the DNT header field on all > HTTP requests if (and only if) a tracking preference is enabled" which would seem to include XHR... Unless specified otherwise XMLHttpRequest follows the requirements from and on HTTP so I don't think anything needs changing here. Per Adam's comment I have not removed the "Sec-" handling. -- Anne — Opera Software http://annevankesteren.nl/ http://www.opera.com/Received on Monday, 14 May 2012 14:53:06 GMT
This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:52 GMT