Re: [CORS] Understanding the definition of simple headers

On Wed, Aug 21, 2013 at 6:12 AM, Monsur Hossain <> wrote:
> The latest CORS spec defines the simple headers as Accept, Accept-Language
> and Content-Language. However the spec doesn't provide any insight into why
> these particular headers are special. What is the motivation for defining
> these as simple headers? My initial assumption was that a preflight was
> required for any cross-origin request that couldn't be done before the CORS
> spec existed. But its not clear to me how an author could set these simple
> headers on cross-origin requests before CORS.

Accept is pretty random due to plugins. Accept-Language and
Content-Language I guess we considered safe enough. Not sure there was
any particularly strong rationale...


Received on Wednesday, 21 August 2013 14:08:24 UTC