Re: CORS: Requirement for HTTP 200 response on preflight is not web-compatible and doesn't seem to be interoperably implemented

* Bjoern Hoehrmann wrote:
>It seems this requirement has been added in the 2012 draft, so the more
>interesting question would by what this is trying to accomplish. Last I
>checked "CORS" did not use the response body here, so using 204 seems
>quite natural: it saves around 20 bytes on the wire and there is less of
>a risk to leak information through the service by accidentally sending a
>body.

http://lists.w3.org/Archives/Public/public-webapps/2010JulSep/0971.html
seems to be the reasoning behind rejecting anything but the status 200.
-- 
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 

Received on Friday, 1 March 2013 02:07:41 UTC