Re: [webappsec + webapps] CORS to PR plans

On 7/16/13 3:47 PM, ext Brad Hill wrote:
> CORS advanced to Candidate Recommendation this January, and I believe 
> it is time we consider advancing it to Proposed Recommendation.  In 
> the absence of an editor, I have been collecting bug reports sent to 
> the public-webappsec list, and now have a proposed draft incorporating 
> these fixes I would like to run by both WGs.
>
> The proposed draft can be found at:
>
> http://webappsec-test.info/~bhill2/pub/CORS/index.html 
> <http://webappsec-test.info/%7Ebhill2/pub/CORS/index.html>
>
> A diff-marked version is available at:
>
> http://services.w3.org/htmldiff?doc1=http%3A%2F%2Fwww.w3.org%2FTR%2F2013%2FCR-cors-20130129%2F&doc2=http%3A%2F%2Fwebappsec-test.info%2F~bhill2%2Fpub%2FCORS%2Findex.html 
> <http://services.w3.org/htmldiff?doc1=http%3A%2F%2Fwww.w3.org%2FTR%2F2013%2FCR-cors-20130129%2F&doc2=http%3A%2F%2Fwebappsec-test.info%2F%7Ebhill2%2Fpub%2FCORS%2Findex.html>

Thanks very much for doing this work Brad!

> If these changes are acceptable to the WGs,

The changes seem reasonable to me.

> I believe the only remaining steps are to prepare an implementation 
> report and update the test suite to cover the 204 and 308 status 
> codes.   I'll let us discuss these for a bit here before beginning a 
> formal call for consensus.

Sounds GTM.

-ArtB

Received on Thursday, 18 July 2013 15:12:41 UTC