Re: CORS: Requirement for HTTP 200 response on preflight is not web-compatible and doesn't seem to be interoperably implemented

* Bjoern Hoehrmann wrote:
>It seems this requirement has been added in the 2012 draft, so the more
>interesting question would by what this is trying to accomplish. Last I
>checked "CORS" did not use the response body here, so using 204 seems
>quite natural: it saves around 20 bytes on the wire and there is less of
>a risk to leak information through the service by accidentally sending a
seems to be the reasoning behind rejecting anything but the status 200.
Björn Höhrmann · ·
Am Badedeich 7 · Telefon: +49(0)160/4415681 ·
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · 

Received on Friday, 1 March 2013 02:07:41 UTC