- From: Adam Barth <w3c@adambarth.com>
- Date: Fri, 23 Jan 2009 09:14:54 -0800
- To: Julian Reschke <julian.reschke@gmx.de>
- Cc: Larry Masinter <LMM@acm.org>, Mark Nottingham <mnot@mnot.net>, ietf-http-wg@w3.org, Lisa Dusseault <ldusseault@commerce.net>
On Fri, Jan 23, 2009 at 12:30 AM, Julian Reschke <julian.reschke@gmx.de> wrote: > Whenever a user agent issues an HTTP request whose method is neither > "GET" nor "HEAD", the user agent MUST include exactly one HTTP header > named "Origin". > > What about other safe methods, such as PROPFIND, REPORT or SEARCH? Shouldn't > the spec just say: > > Whenever a user agent issues an HTTP request whose method is not > known to be safe (see ...), the user agent MUST include exactly > one HTTP header named "Origin". > > ? Good point. What should I cite as the authoritative list of safe methods? Thanks for your feedback, Adam
Received on Friday, 23 January 2009 17:15:41 UTC