- From: Dirk Pranke <dpranke@chromium.org>
- Date: Fri, 6 Apr 2012 11:35:59 -0700
- To: James M Snell <jasnell@gmail.com>, Poul-Henning Kamp <phk@phk.freebsd.dk>, Mark Nottingham <mnot@mnot.net>
- Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Having followed the CORS spec (and contributed to it on occasion) over the past couple years, I don't recall seeing any comments from any of you, or seeing any particularly strong opposition to it, apart from the people proposing UMP as an alternative to avoid the ambient authority issues. Given that (I believe) every major browser is shipping at least partial if not full support for the spec already, I believe this ship has long since sailed, but I at least would be interested in why you think it's a bad design or how you would do things differently. Is there some list archive where I should look for your comments, or do you mind reposting them? -- Dirk On Fri, Apr 6, 2012 at 10:33 AM, James M Snell <jasnell@gmail.com> wrote: > I would certainly have to agree with your personal note... > unfortunately, as you point out, the WGs working on it haven't really > been that open to opposing opinions on it. Unfortunate but sadly not > surprising. I largely intend to just ignore it for as long as > possible. > > On Fri, Apr 6, 2012 at 10:23 AM, Mark Nottingham <mnot@mnot.net> wrote: >> HTTP folks may be interested in the Last Call for the W3C's CORS: >> http://lists.w3.org/Archives/Public/public-web-security/2012Apr/0001.html >> >> <personal_note> >> I've made several comments to the various WGs this specification has resided in over the years; I feel it's a bad design for the Web and needlessly complex and chatty. I'll likely be making similar comments in their LC period. I doubt anything will change, however. >> </personal_note> >> >> -- >> Mark Nottingham >> http://www.mnot.net/ >> >> >> >> >> >
Received on Friday, 6 April 2012 18:36:49 UTC