- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Wed, 04 Dec 2013 10:21:41 -0500
- To: public-webappsec@w3.org
On 12/4/13 10:14 AM, Julian Reschke wrote: > Having said that: if a 200 response works without CORS headers It doesn't. A 200 response would be absolutely required to have CORS headers in the situation under discussion. -Boris
Received on Wednesday, 4 December 2013 15:22:10 UTC