- From: <bugzilla@jessica.w3.org>
- Date: Sun, 07 Oct 2012 04:45:27 +0000
- To: public-webappsec@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=19315 Summary: Last-Event-ID header should be a simple header Product: WebAppsSec Version: unspecified Platform: PC OS/Version: Windows XP Status: NEW Severity: normal Priority: P2 Component: CORS AssignedTo: annevk@annevk.nl ReportedBy: vic99999@yandex.ru QAContact: dave.null@w3.org CC: mike@w3.org, public-webappsec@w3.org "Last-Event-ID" header, used by EventSource - http://dev.w3.org/html5/eventsource/ , should be a simple header EventSource already allows CORS with this header without preflight http://hg.mozilla.org/releases/mozilla-release/file/dc25520cbe46/content/base/src/nsXMLHttpRequest.cpp#l3277 Thanks P.S. Seems, Firefox allows to use this headers for simple CORS request: accept, accept-language, content-language, content-type, last-event-id And Webkit allows: accept, accept-language, content-language, content-type, origin, referer -- Configure bugmail: https://www.w3.org/Bugs/Public/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
Received on Sunday, 7 October 2012 04:45:32 UTC