Re: [whatwg/fetch] What would be the downside of respecing `Access-Control-Allow-Origin: *` even when the `Origin` header is not sent? (#680) from Andrew Meyer on 2018-03-08 (public-webapps-github@w3.org from March 2018)

From: Andrew Meyer <notifications@github.com>
Date: Thu, 08 Mar 2018 00:10:48 +0000 (UTC)
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/issues/680/371331342@github.com>

Explained in the previous paragraph:

> This makes sense, but does require developers to be aware of the opt-in and can result in unexpected behavior if they're not.

I want to improve developer ergonomics by eliminating the need for explicitly sending requests as CORS-enabled when one may be implicitly sent inserted

As explained in my comment though, I

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/680#issuecomment-371331342

Received on Thursday, 8 March 2018 00:11:17 UTC