- From: Ian Hickson <ian@hixie.ch>
- Date: Wed, 14 Jan 2009 22:07:22 +0000 (UTC)
- To: Jonas Sicking <jonas@sicking.cc>
- Cc: Adam Barth <w3c@adambarth.com>, Anne van Kesteren <annevk@opera.com>, public-webapps@w3.org, Maciej Stachowiak <mjs@apple.com>, Sam Weinig <weinig@apple.com>
On Tue, 13 Jan 2009, Jonas Sicking wrote: > On Tue, Jan 13, 2009 at 5:09 PM, Ian Hickson <ian@hixie.ch> wrote: > > On Tue, 13 Jan 2009, Jonas Sicking wrote: > >> > >> It's not just POST that we need to worry about, ideally we should > >> cover the GET case as well. Or at least it's quite likely that we > >> will want to. > > > > My understanding was that we didn't want to include Origin in GET > > requests. In fact HTML5 right now goes out of its way to avoid > > including it in GET requests. > > We've been debating this both ways at mozilla, no decision has been made > yet regarding what we'll recommend. I've renamed it to XXX-Origin in HTML5. I haven't changed its behavior (it is still only sent for non-GET). I'm trying to bring HTML5 to last call by October. Who "owns" this issue? Do we have an ETA on resolving it? -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Wednesday, 14 January 2009 22:07:59 UTC