Re: Update to Access Control for Cross-site Requests

On Tue, 08 Apr 2008 01:31:23 +0200, Jonas Sicking <jonas@sicking.cc> wrote:
> I do not think we are ready to go into Last Call. There is a major  
> outstanding issue, which is if cookies and auth headers should be  
> included. Implementation wise this is easy to change, but it  
> significantly changes the semantics of the spec, so I think it's an  
> issue we need to find a resolution for first.
>
> I'm all for publishing another draft though.

Like Ian, I'm a bit confused as to what this issue is. I'm fine with  
delaying publication though, given that we might want to extend the list  
of GET headers.


-- 
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>

Received on Monday, 7 April 2008 23:35:51 UTC