[XMLHttpRequest] question about default value of withCredentials

In http://www.w3.org/TR/XMLHttpRequest2/#credentials, it
says: "The credentials flag takes the values true and false, true by
default..."
Both Firefox and Safari have defaulted the value to "False" but the spec
says the default is "True".  Given that these are the two implementations
out there, it seems that the spec should match them.
Thoughts?

dave

References:
  Firefox https://developer.mozilla.org/En/HTTP_access_control,
http://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/
  WebKit:
http://trac.webkit.org/browser/trunk/WebCore/xml/XMLHttpRequest.cpp, see
value of m_includeCredentials

Received on Thursday, 30 July 2009 20:56:24 UTC