W3C home > Mailing lists > Public > public-webapps@w3.org > July to September 2011

Re: [cors] Two minor processing issues

From: Anne van Kesteren <annevk@opera.com>
Date: Thu, 04 Aug 2011 00:12:46 +0200
To: public-webapps@w3.org, "Philippe De Ryck" <philippe.deryck@cs.kuleuven.be>
Message-ID: <op.vznrzk2b64w2qv@annevk-macbookpro.local>
On Wed, 03 Aug 2011 19:43:28 +0200, Philippe De Ryck  
<philippe.deryck@cs.kuleuven.be> wrote:
> CORS-ISOLATION-1.Unique Origins: When run in a document with a globally
> unique identifier for an origin, the Origin header specification
> requires that null should be sent as the value of the Origin header. The
> algorithms listed in the CORS specification do not explicitly take the
> null value into account, leading to some unlogical scenarios. It is for
> instance valid that a request sends origin null and the server responds
> with an Allow-Origin header with the value null.

Is that problematic? This is a feature.

Anne van Kesteren
Received on Wednesday, 3 August 2011 22:13:28 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:13:23 UTC