- From: Anne van Kesteren <annevk@opera.com>
- Date: Tue, 17 Mar 2009 13:38:38 -0000
- To: "Alexey Proskuryakov" <ap@webkit.org>, public-webapps <public-webapps@w3.org>
On Mon, 16 Mar 2009 11:43:36 -0000, Alexey Proskuryakov <ap@webkit.org> wrote: > Per the current CORS spec draft, cross-origin request with preflight > algorithm is followed if Content-Type is set, and it is not one of the > three predefined types. However, the preflight algorithm itself > immediately decides to skip preflight if these conditions are true: > > * For request method there either is a method cache match or it is a > simple method. > * For every header field name of custom request headers there either > is a header cache match or it is a simple header. > > It seems that a check for content type should be added here, as well. It actually affected more places so I changed the definition of "simple header" to include the restrictions on the Content-Type header. That seemed better as it keeps the checks (that really should all be the same) all in one place. -- Anne van Kesteren http://annevankesteren.nl/
Received on Tuesday, 17 March 2009 13:39:26 UTC