CORS currently requires that a non-HTTP-200 response to a preflight be treated like a network error. When I changed Gecko to do that, we discovered that at least GitHub's API sends 204 responses to preflights. Furthermore, it appears that neither Trident nor WebKit enforce this restriction to 200-only (and in fact it's not clear to me whether they enforce any restrictions at all; needs testing). I am changing Gecko back to our old behavior of accepting any 2xx response to a preflight, but the spec also needs to be changed. It's not clear to me what the spec should say here; possible options are "any 2xx response" or "200 or 204" or something else. Feedback from WebKit and Trident folks on what they actually do is welcome. -BorisReceived on Thursday, 28 February 2013 14:25:20 UTC
This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:00 UTC