[XMLHttpRequest2] response headers for cross-site requests

Currently XMLHttpRequest Level 2 has restrictions on getting response  
headers when doing a cross-site request. I have a feeling these may be an  
artifact of the slightly older model.

getAllResponseHeaders() returns the empty string currently.

getResponseHeader(header) returns null unless header is one of  
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified,  
Pragma.

I think we should be able to change this. (Though we can't expose  
Set-Cookie and Set-Cookie2 obviously.)

Any thoughts?


(I bbc'ed the WAF WG list as there might be some people there interested  
in this. Please reply to the Web API WG list. I'll be happy when this work  
ends up in the same group soonish...)


-- 
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>

Received on Tuesday, 8 April 2008 10:09:12 UTC