- From: Ashar Javed <ashar.javed@tu-harburg.de>
- Date: Fri, 01 Jul 2011 09:48:43 +0200
- To: "public-webapps@w3.org" <public-webapps@w3.org>
- Cc: michael.hausenblas@deri.org
Hi, If a server is returning (Access-Control-Allow-Origin: *) without setting the Origin header in HTTP request then can we say that server is not implementing CORS properly? With the help of http://web-sniffer.net/, I randomly checked sites (home pages only) for CORS and nearly 200 sites are returning (Access-Control-Allow-Origin: *). Cheers, ashar
Received on Friday, 1 July 2011 08:33:46 UTC