- From: Anne van Kesteren <annevk@opera.com>
- Date: Thu, 10 Jul 2008 07:29:42 +0200
- To: "Jonas Sicking" <jonas@sicking.cc>
- Cc: "Maciej Stachowiak" <mjs@apple.com>, "Sunava Dutta" <sunavad@windows.microsoft.com>, "WebApps WG" <public-webapps@w3.org>
On Thu, 10 Jul 2008 01:03:19 +0200, Jonas Sicking <jonas@sicking.cc> wrote: > Anne van Kesteren wrote: >> On Thu, 10 Jul 2008 00:32:18 +0200, Maciej Stachowiak <mjs@apple.com> >> wrote: >>> I would be in favor of Access-Control or Access-Control-Allow, I think >>> Access-Control-Origin and Origin are confusing in combination. It >>> seems unclear from the names which is a request header and which is a >>> response header. >> We could restrict Access-Control-* to the server. > > What would that win us? > > Naming all headers related to the spec Access-Control-* (as the spec > does now) seems to add clarity IMHO. It would make it clear to server authors which headers they are in control over without having to look at the header descriptions. I don't feel strongly about this though, adding Allow everywhere works for me too. -- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>
Received on Thursday, 10 July 2008 05:30:14 UTC