- From: Adrian Bateman <adrianba@microsoft.com>
- Date: Wed, 14 Jan 2009 08:00:01 -0800
- To: "public-webapps@w3.org" <public-webapps@w3.org>
I wanted to let the WG members know that we have completed our support for Access-Control in IE8 for the Simple Cross-Site Access Request. We support the Access-Control-Allow-Origin: * wildcard as we did in Beta 2 but in the next public release of IE8, our Release Candidate, we have also added support for the string comparison to the ascii-origin. I want to thank the members of this group who gave us feedback about making this change. Making changes to our implementation now will be costly and I'd prefer if this part of the draft didn't have to change significantly. On the subject of renaming the Origin header, we'd prefer the option to keep it as is and have the name for CSRF changed in HTML 5 as Ian raised [1] if possible. Cheers, Adrian. [1] http://lists.w3.org/Archives/Public/public-webapps/2009JanMar/0060.html -- Adrian Bateman Program Manager - Internet Explorer - Microsoft Corporation Phone: +1 (425) 538 5111 E-mail: mailto:adrianba@microsoft.com
Received on Wednesday, 14 January 2009 16:01:47 UTC