- From: Anne van Kesteren <annevk@opera.com>
- Date: Tue, 15 Jun 2010 10:16:59 +0200
- To: public-webapps@w3.org, "Web Applications Working Group Issue Tracker" <sysbot+tracker@w3.org>
On Tue, 16 Jun 2009 16:18:25 +0200, Web Applications Working Group Issue Tracker <sysbot+tracker@w3.org> wrote: > In > > http://lists.w3.org/Archives/Public/public-webapps/2009AprJun/0967.html > > Mark Nottingham comments on the asymmetry of exposing the body of the > response but only a tiny subset of the headers. He argues for > > * Expanding this whitelist and > * Giving responses of resources a way to indicate which headers are ok > to expose > > or > > * Turning it into a blacklist > > He indicated he was not satisfied deferring this issue to CORS2 and > considers it a showstopper for CORS1. To resolve ISSUE-90 I added a new header Access-Control-Expose-Headers that controls which additional headers are exposed to the API. http://dev.w3.org/2006/waf/access-control/#http-access-control-expose-headers -- Anne van Kesteren http://annevankesteren.nl/
Received on Tuesday, 15 June 2010 08:17:31 UTC