Re: CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call]

Anne - for any of the issues you want to close, please propose a  
resolution with at least a 1-week review period.

Tyler - do any of these CORS issues apply to UMP?

-Art Barstow

On Apr 7, 2010, at 10:22 AM, ext Anne van Kesteren wrote:

> On Wed, 07 Apr 2010 16:06:55 +0200, Arthur Barstow  
> <art.barstow@nokia.com>
> wrote:
>> What is the status and plan to get CORS ready for Last Call?
>
> I've mostly been waiting to see what happens with UMP. What I've  
> heard so
> far from various implementors is that they want to keep CORS and  
> add the
> ability to XMLHttpRequest for credential-less requests via the
> constructor. But I might be missing something.
>
>
>> I see the following related "Raised" Issues:
>>
>>   Reduce the length of the header names?
>>   http://www.w3.org/2008/webapps/track/issues/89
>
> This is not possible I think. SPDY or some such should be of help  
> here.
> Anyway, it is still open because mnot wanted some kind of official WG
> decision.
>
>
>>   Exposing more (~infinite) response headers
>>   http://www.w3.org/2008/webapps/track/issues/90
>
> I've been trying to find out which solution implementors prefer, but
> without much luck so far.
>
>
>>   confused deputy problem
>>   http://www.w3.org/2008/webapps/track/issues/108
>
> We discussed this to death.
>
>
>>   CORS does not define the effect of the credentials flag in  
>> sufficient
>> detail
>>   http://www.w3.org/2008/webapps/track/issues/114
>
> I defined this.
>
>
>> And the latest ED includes 3 "red block" Issues.
>
> They all indicate the need for other specifications to move  
> forward. URL,
> HTTP, and whatever specification ends up defining origin. I.e.  
> editorial
> and should in theory not block progress.
>
>
> -- 
> Anne van Kesteren
> http://annevankesteren.nl/
>

Received on Thursday, 8 April 2010 12:40:35 UTC