Re: Comments on the HTTP Sec-From Header (draft-abarth-origin)

On Thu, 23 Jul 2009 04:21:41 +0200, Adam Barth <> wrote:
> I wonder if this syntax would work for CORS too?  We can take the
> discussion to web-apps if you like, but the idea is if you get a
> redirect (e.g., of a DELETE), then you can add a second Origin header
> to the request instead of modifying the existing header.

Yeah, what is needed is more discussion of this email:

If someone helps me figure out what changes we want to make to how CORS deals with redirects we can definitely merge the two headers again.

Anne van Kesteren

Received on Wednesday, 12 August 2009 16:12:23 UTC