Re: [cors] TAG request concerning CORS & Next Step(s)

On Wed, Jun 24, 2009 at 10:16 AM, Jonas Sicking<jonas@sicking.cc> wrote:
> Firefox 3.5 will be out in a matter of days (RC available already) and
> it supports the majority of CORS (everything but redirects of
> preflighted requests).

What is the behavior of the Origin header on other kinds of redirects?
For example:

1. page from Site A does: POST text/plain to a URL at Site B

2. Site B responds with a redirect to a URL at Site A

3. User clicks through any presented redirect confirmation dialog

4. Browser sends the POST from step 1 to the specified URL at Site A.

What is the value of the Origin header in step 4?

--Tyler

-- 
"Waterken News: Capability security on the Web"
http://waterken.sourceforge.net/recent.html

Received on Wednesday, 24 June 2009 18:46:23 UTC