- From: David Levin <levin@google.com>
- Date: Thu, 30 Jul 2009 11:38:24 -0700
- To: public-webapps@w3.org
Received on Thursday, 30 July 2009 20:56:24 UTC
In http://www.w3.org/TR/XMLHttpRequest2/#credentials, it says: "The credentials flag takes the values true and false, true by default..." Both Firefox and Safari have defaulted the value to "False" but the spec says the default is "True". Given that these are the two implementations out there, it seems that the spec should match them. Thoughts? dave References: Firefox https://developer.mozilla.org/En/HTTP_access_control, http://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/ WebKit: http://trac.webkit.org/browser/trunk/WebCore/xml/XMLHttpRequest.cpp, see value of m_includeCredentials
Received on Thursday, 30 July 2009 20:56:24 UTC