- From: Anne van Kesteren <annevk@opera.com>
- Date: Wed, 07 Apr 2010 16:22:04 +0200
- To: "Arthur Barstow" <art.barstow@nokia.com>
- Cc: public-webapps <public-webapps@w3.org>, "Tyler Close" <tyler.close@gmail.com>
On Wed, 07 Apr 2010 16:06:55 +0200, Arthur Barstow <art.barstow@nokia.com> wrote: > What is the status and plan to get CORS ready for Last Call? I've mostly been waiting to see what happens with UMP. What I've heard so far from various implementors is that they want to keep CORS and add the ability to XMLHttpRequest for credential-less requests via the constructor. But I might be missing something. > I see the following related "Raised" Issues: > > Reduce the length of the header names? > http://www.w3.org/2008/webapps/track/issues/89 This is not possible I think. SPDY or some such should be of help here. Anyway, it is still open because mnot wanted some kind of official WG decision. > Exposing more (~infinite) response headers > http://www.w3.org/2008/webapps/track/issues/90 I've been trying to find out which solution implementors prefer, but without much luck so far. > confused deputy problem > http://www.w3.org/2008/webapps/track/issues/108 We discussed this to death. > CORS does not define the effect of the credentials flag in sufficient > detail > http://www.w3.org/2008/webapps/track/issues/114 I defined this. > And the latest ED includes 3 "red block" Issues. They all indicate the need for other specifications to move forward. URL, HTTP, and whatever specification ends up defining origin. I.e. editorial and should in theory not block progress. -- Anne van Kesteren http://annevankesteren.nl/
Received on Wednesday, 7 April 2010 14:23:04 UTC