W3C home > Mailing lists > Public > public-webappsec@w3.org > July 2013

Re: [webappsec + webapps] CORS to PR plans

From: Anne van Kesteren <annevk@annevk.nl>
Date: Tue, 16 Jul 2013 20:18:08 -0400
Message-ID: <CADnb78jVGJv8ujPMzjEWSXktPSaB_jO=w5Og9RCPqh6P9tvxRQ@mail.gmail.com>
To: Brad Hill <hillbrad@gmail.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>, WebApps WG <public-webapps@w3.org>
On Tue, Jul 16, 2013 at 3:47 PM, Brad Hill <hillbrad@gmail.com> wrote:
> 1. Changed "Fetch" references.  The CR document referenced the WHATWG Fetch
> spec in a number of places.  This was problematic due to the maturity /
> stability requirements of the W3C for document advancement, and I feel also
> inappropriate, as the current Fetch spec positions itself as a successor to
> CORS, not a reference in terms of which CORS is defined.

Pretty sure CORS didn't reference the Fetch Standard. Given that the
Fetch Standard is written after I wrote CORS, that would be somewhat

> 8. In response to thread beginning at:
> http://lists.w3.org/Archives/Public/public-webappsec/2013Feb/0078.html,
> added 204 as a valid code equivalent to 200 for the CORS algorithm.

I think implementations are moving towards allowing the whole 200-299
range. (Fetch Standard codifies that, at least.)

Received on Wednesday, 17 July 2013 00:18:35 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:34 UTC