- From: Anne van Kesteren <annevk@opera.com>
- Date: Mon, 16 Nov 2009 15:31:15 +0100
- To: "Julian Reschke" <julian.reschke@gmx.de>, "Silvia Pfeiffer" <silviapfeiffer1@gmail.com>
- Cc: "WebApps WG" <public-webapps@w3.org>
On Tue, 10 Nov 2009 14:31:24 +0100, Julian Reschke <julian.reschke@gmx.de> wrote: > Silvia Pfeiffer wrote: >> ... >> Further, Benno suggests extending http://www.w3.org/TR/XMLHttpRequest/ >> with a property to disable following redirects automatically so as to >> be able to expose the redirection. >> I am not aware if somebody else has suggested these use cases for CORS >> and XMLHttpRequest before (this may not even be the right fora for >> it), but since these are so closely linked to what we do in HTML5, I >> thought it would be good to point it out. I would think that at >> minimum Anne knows what to do with it, since he is editor on both. >> ... > > Extending XMLHttpRequest for better control over redirects certainly > would be a good thing. > > Note that there's work-in-progress of adding "proper" HTTP support to > the Netscape plugin API (see > <https://wiki.mozilla.org/Plugins:GenericHttpMethod>), where we have the > same feature request, and it would be good to align this with > XmlHttpRequest semantics. I'm still not sure whether this should be combined with disabling automatic authentication dialogs if request username and request password are both null. I suppose it is probably simpler to have a separate attribute for each and admittedly most requests have been for redirects and not for the HTTP authentication. We could introduce an attribute with similar properties as timeout and withCredentials called followRedirects that by default is true but can be set to false. What do implementors think? -- Anne van Kesteren http://annevankesteren.nl/
Received on Monday, 16 November 2009 14:32:08 UTC