- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Thu, 5 Feb 2015 14:12:12 +0100
- To: Florian Bösch <pyalot@gmail.com>
- Cc: Michiel De Mey <de.mey.michiel@gmail.com>, WebApps WG <public-webapps@w3.org>
On Thu, Feb 5, 2015 at 1:27 PM, Florian Bösch <pyalot@gmail.com> wrote: > CORS is an adequate protocol to allow for additional headers, and websocket > requests could be subjected to CORS (I'm not sure what the current client > behavior is in that regard, but I'm guessing they enforce CORS on websocket > requests as well). I think you're missing something. A WebSocket request is subject to the WebSocket protocol, which does not take the same precautions as the Fetch protocol does used elsewhere in the platform. And therefore we cannot provide this feature until the WebSocket protocol is fixed to take the same precautions. -- https://annevankesteren.nl/
Received on Thursday, 5 February 2015 13:12:36 UTC