W3C home > Mailing lists > Public > public-appformats@w3.org > January 2008


From: Jon Ferraiolo <jferrai@us.ibm.com>
Date: Thu, 3 Jan 2008 10:13:13 -0800
To: "public-appformats@w3.org" <public-appformats@w3.org>
Message-ID: <OF5022325E.95365A0D-ON882573C5.00632C18-882573C5.0064168E@us.ibm.com>

Over at OpenAjax Alliance, we have had some recent discussion about Access
Control and were wondering whether it was possible to use HEAD or OPTIONS
instead of GET in order to find out if the server allows cross-site POST
(or DELETE). There have been comments that if the primary goal is to
determine if POST is allowed, then it is more consistent with HTTP
guidelines to issue a GET or OPTIONS rather than only supporting GET.


BTW - It would be nice if the WAF WG home page had a link to the latest
editorial draft in addition to the latest public draft.
Received on Thursday, 3 January 2008 18:27:04 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:56:21 UTC