- From: Hallvord Reiar Michaelsen Steen <hallvord@opera.com>
- Date: Sat, 18 May 2013 22:43:10 +0200
- To: "Anne van Kesteren" <annevk@annevk.nl>
- Cc: public-webapps <public-webapps@w3.org>, "Jonas Sicking" <jonas@sicking.cc>
> > BTW - have you considered allowing setting withCredentials to "false" for same-origin resources? > > I suspect that would break sites. Possibly, but I find it unlikely - if it's set, it's most likely usually set to "true", not "false", and it's also most likely rarely set for same-origin requests. Wonder how hard it would be to ship a test in some beta- or preview build of some browser..? 8-) > Making a boolean a tri-state with a > default depending on an external variable is also super confusing. To whom? "Defaults to true for same-origin, false for cross-origin, can be set to override" seems to give authors a behaviour that's relatively intuitive. (Authors would not really have to consider the odd tri-state underpinnings, it still looks like a boolean except with a variable default behaviour). It might be weird and confusing to implement though.. -- Hallvord R. M. Steen Core tester, Opera Software
Received on Saturday, 18 May 2013 20:43:05 UTC