Re: Why the restriction on unauthenticated GET in CORS?

On Fri, Jul 20, 2012 at 4:50 PM, Adam Barth <> wrote:
> On Fri, Jul 20, 2012 at 4:37 AM, Cameron Jones <> wrote:
>> So, this is a non-starter. Thanks for all the fish.
> That's why we have the current design.

Yes, i note the use of the word "current" and not "final".

Ethics are a starting point for designing technology responsibly. If
the goals can not be met for valid technological reasons then that it
a unfortunate outcome and one that should be avoided at all costs.

The costs of supporting legacy systems has real financial implications
notwithstanding an ethical ideology. If those costs become too great,
legacy systems loose their impenetrable pedestal.

The architectural impact of supporting for non-maintained legacy
systems is that web proxy intermediates are something we will all have
to live with.

Cameron Jones

Received on Friday, 20 July 2012 16:56:23 UTC