- From: Michiel De Mey <de.mey.michiel@gmail.com>
- Date: Thu, 05 Feb 2015 03:50:34 -0800 (PST)
- To: "Anne van Kesteren" <annevk@annevk.nl>
- Cc: public-webapps@w3.org
Received on Thursday, 5 February 2015 11:51:03 UTC
All it says about CORS is the following (Opening handshake section): The |Origin| header field [RFC6454] is used to protect against unauthorized cross-origin use of a WebSocket server by scripts using the WebSocket API in a web browser. On Thu, Feb 5, 2015 at 10:19 AM, Anne van Kesteren <annevk@annevk.nl> wrote: > On Thu, Feb 5, 2015 at 3:49 AM, Michiel De Mey <de.mey.michiel@gmail.com> wrote: >> I'd like to propose a new feature to enable browsers to send custom headers through the API. >> The Websocket spec supports this, however the API does not expose this feature. > Does the specification take similar precautions to CORS? > -- > https://annevankesteren.nl/
Received on Thursday, 5 February 2015 11:51:03 UTC