Re: [whatwg/fetch] Allow * for Access-Control-Allow-Headers and Access-Control-Allow-Methods (#251) from Takeshi Yoshino on 2016-04-18 (public-webapps-github@w3.org from April 2016)

From: Takeshi Yoshino <notifications@github.com>
Date: Mon, 18 Apr 2016 05:34:42 -0700
To: whatwg/fetch <fetch@noreply.github.com>
Message-ID: <whatwg/fetch/issues/251/211359518@github.com>

See the result of the measurement at https://bugs.chromium.org/p/chromium/issues/detail?id=602925#c6. About 30% of XHRs are both cross-origin and withCredentials set on Chrome. Note that:
- as roryhewitt pointed out at https://bugs.chromium.org/p/chromium/issues/detail?id=602925#c3, this value may include the cases where any credentials were actually not sent
- this early result is only from canary releases of Chrome whose usage includes more developers than stable/beta/dev

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/251#issuecomment-211359518

Received on Monday, 18 April 2016 12:35:09 UTC