- From: Anne van Kesteren <annevk@opera.com>
- Date: Wed, 15 Feb 2012 10:24:28 +0100
- To: "Jonas Sicking" <jonas@sicking.cc>
- Cc: "Boris Zbarsky" <bzbarsky@mit.edu>, public-webapps@w3.org, "Adam Barth" <abarth@gmail.com>, Odin Hørthe Omdal <odinho@opera.com>
On Wed, 15 Feb 2012 08:05:36 +0100, Jonas Sicking <jonas@sicking.cc> wrote: > Just add the "force preflight flag is unset" condition to only the "is > simple method" check. That way a cache hit still counts prevents a > preflight even if the force-flag is set. > > Note that a cache hit can only happen if a preflight-check has been > successful *from the requesting origin*. So things should still be > safe. > > At least that's how we have it implemented in Firefox. I think I fixed this now: http://dvcs.w3.org/hg/cors/rev/b64d6dd50a2d The only implication I see is that if the "force preflight flag" was the only reason for the preflight, the preflight will always happen. (Please disregard the missing "the" I introduced. Already fixed.) -- Anne van Kesteren http://annevankesteren.nl/
Received on Wednesday, 15 February 2012 09:25:07 UTC