W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2013

RE: CORS Allow header in preflight response

From: Pellerin, Clement <Clement_Pellerin@ibi.com>
Date: Tue, 16 Apr 2013 15:30:37 -0400
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <9892EC6224DBC54598164D1F77721D7572AED5C46F@IBIUSMBSB.ibi.com>
> On Tue, Apr 16, 2013 at 7:58 PM, Anne van Kesteren wrote:
> > What should the value of the Allow header be in the response to a CORS preflight request?
> > Is the Allow header mandatory, optional, forbidden, ignored?
> 
> Ignored.

Should this be mentioned explicitly in the specification, at least in a non-normative way?
Received on Tuesday, 16 April 2013 19:32:19 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:01 UTC