W3C home > Mailing lists > Public > public-webappsec@w3.org > October 2012

[webappsec] CORS bug 19315

From: Hill, Brad <bhill@paypal-inc.com>
Date: Fri, 26 Oct 2012 23:40:34 +0000
To: "public-webappsec@w3.org" <public-webappsec@w3.org>, "WebApps WG (public-webapps@w3.org)" <public-webapps@w3.org>
CC: "Anne van Kesteren (annevk@annevk.nl)" <annevk@annevk.nl>
Message-ID: <370C9BEB4DD6154FA963E2F79ADC6F2E2AB22A@DEN-EXDDA-S12.corp.ebay.com>

This bug report on CORS, that the "Last-Event-ID" header should be a simple header, (along with Origin and Referer based on the status of actual implementations) is the last substantive change to the document that remains unresolved.

I would like to propose we add "Last-Event-ID", "Origin" and "Referer" to the set of simple headers.   Are there any objections, concerns or comments?

Thank you,
-Brad Hill
Received on Friday, 26 October 2012 23:41:05 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:29 UTC