- From: Ivan Herman <ivan@w3.org>
- Date: Thu, 31 Aug 2017 13:20:22 +0200
- To: Tzviya Siegman <tsiegman@wiley.com>
- Cc: W3C Publishing Working Group <public-publ-wg@w3.org>
Yep, although the concept is not gone. The WhatWG Fetch spec includes the same features as CORS[1] (as far as I know), so it is more that it is superseded. However, the Fetch spec is not a W3C spec, so, formally, superseded is not the right term… Fetch is, of course:-), an extremely-difficult-to-read spec. Anybody knows of a good tutorial like text that we could use? Ivan [1] https://fetch.spec.whatwg.org/#http-cors-protocol > On 31 Aug 2017, at 13:10, Siegman, Tzviya - Hoboken <tsiegman@wiley.com> wrote: > > Our group has mentioned CORS many times in our discussions of origins and manifests. It's worth noting that it is being formally obsoleted. > > Tzviya Siegman > Information Standards Lead > Wiley > 201-748-6884 > tsiegman@wiley.com > > -----Original Message----- > From: Coralie Mercier [mailto:coralie@w3.org] > Sent: Thursday, August 31, 2017 4:36 AM > To: w3c-ac-forum@w3.org > Cc: chairs@w3.org > Subject: Proposal to Republish CORS as Obsolete Recommendation (Call for Review) > > Dear Advisory Committee Representative, > Chairs, > > This is a proposal to republish the following W3C Recommendation as Obsolete Recommendation: > > Cross-Origin Resource Sharing, W3C Recommendation 16 January 2014 > http://www.w3.org/TR/2014/REC-cors-20140116/ > > The SoTD should read: > > [[ > This specification is obsolete and should no longer be used as a basis for implementation. > The [Fetch Living Standard](https://fetch.spec.whatwg.org/) provides the same set of features with additional refinements to improve security, such as the [CORS safelisted request headers](https://fetch.spec.whatwg.org/#cors-safelisted-request-header). The Fetch specification also contains new features, which would not be covered by the [5 February 2004 W3C Patent Policy](https://www.w3.org/Consortium/Patent-Policy-20040205/), such as the possibility to use a [wildcard "*"](https://fetch.spec.whatwg.org/#cors-preflight-fetch-0) in CORS headers. As an historical reference, a [snapshot](https://fetch.spec.whatwg.org/commit-snapshots/f3bb21991abdd335175fcc5d26a0d0b7b380d4fe/) of the Fetch Living Standard as of 15 June 2017 is also available. > ]] > > Although the Fetch Living Standard continues to evolve and accordingly W3C cannot speak to the stability of the entire spec - the portions of the Fetch spec that obsolete the CORS spec are stable and have sufficient implementations on the Web - the Director supports the Working Group's request to republish the CORS Recommendation as an Obsolete Recommendation. > > The approval and publication are in response to this transition request from the Web Application Security Working Group [1]: > https://lists.w3.org/Archives/Member/chairs/2017JulSep/0089.html > > There wasn't any Formal Objection within the Web Application Security Working Group. > > Issues are welcome by 2017-09-28 and should be sent to <public-webappsec@w3.org>. > > Please review this proposal and indicate whether your organization supports obsoleting this Recommendation or objects to this action, by completing the following questionnaire: > https://www.w3.org/2002/09/wbs/101147/cors-obs-2017-09/ > > The deadline for responses is 23:59, Boston time on 2017-09-28. Additional details about the review are available in the questionnaire. > > This Call for review follows section 6.9 "Obsoleting or Rescinding a W3C Recommendation" of the W3C Process Document: > https://www.w3.org/2017/Process-20170301/#rec-rescind > > Thank you, > > For Tim Berners-Lee, W3C Director, and > Philippe Le Hégaret, Project Management Lead; Coralie Mercier, Head of W3C Marketing & Communications > > [1] http://www.w3.org/2011/webappsec/ > > -- > Coralie Mercier - W3C Marketing & Communications - https://www.w3.org mailto:coralie@w3.org +336 4322 0001 https://www.w3.org/People/CMercier/ > > > > > ---- Ivan Herman, W3C Publishing@W3C Technical Lead Home: http://www.w3.org/People/Ivan/ mobile: +31-641044153 ORCID ID: http://orcid.org/0000-0003-0782-2704
Received on Thursday, 31 August 2017 11:20:02 UTC