[beacon] CORS and Credentials questions.


1) When using beacon against a cross origin, is it clear that we might need to do a preflight for content types that are not specified by CORS?  For example, if you send a ArrayBuffer, we are probably going to need to preflight.  This is clear when reading the CORS spec, but it isnít obviously clear from the beacon spec that there might be two http requests for a beacon ó one for the OPTIONS and one for the POST.  I am not sure if we can or should relax this or not.  Maybe we should be more explicit about which mime types in the beacon specification donít cause the OPTIONS request.

2) In XHR, you can specify if cookies are sent to the cross origin server with withCredentials.  What is the thinking we should do with beacon?  Do we default to sending cookies?

Doug Turner

Received on Wednesday, 8 January 2014 02:53:48 UTC