[Bug 25568] New: [imports]: Respect the crossOrigin attribute from bugzilla@jessica.w3.org on 2014-05-06 (public-webapps-bugzilla@w3.org from May 2014)

From: <bugzilla@jessica.w3.org>
Date: Tue, 06 May 2014 03:42:06 +0000
To: public-webapps-bugzilla@w3.org
Message-ID: <bug-25568-2532@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=25568

            Bug ID: 25568
           Summary: [imports]: Respect the crossOrigin attribute
           Product: WebAppsWG
           Version: unspecified
          Hardware: PC
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Component Model
          Assignee: morrita@google.com
          Reporter: pdr@google.com
        QA Contact: public-webapps-bugzilla@w3.org
                CC: adamk@chromium.org, dglazkov@chromium.org,
                    mike@w3.org, public-webapps@w3.org

The 7.4 Fetching Import section states "All imports ... must be loaded using
the fetching algorithm with request's origin set to the origin of the master
docment [SIC], the mode to CORS and the omit credentials mode to CORS."

Why is the <link> crossOrigin attribute[1] not respected here? This would allow
non-anonymous imports, for example.

[1]
http://www.w3.org/html/wg/drafts/html/master/single-page.html#attr-link-media

-- 
You are receiving this mail because:
You are the QA Contact for the bug.

Received on Tuesday, 6 May 2014 03:42:09 UTC