Re: Re: Re: Fetch: HTTP authentication and CORS

On Mon, May 6, 2013 at 1:39 PM, Hallvord Reiar Michaelsen Steen
<hallvord@opera.com> wrote:
> (Could we however fix this in CORS so that the WWW-Authenticate header could be included in a preflight response where applicable?)

Maybe we should wait for actual complaints about XMLHttpRequest + CORS
lacking integrated support for HTTP authentication before complicating
the protocol even more with unused garbage. In other words, given that
the majority of sites are not using a variant of HTTP authentication
at the moment I don't think further enshrining it is worth the cost.


--
http://annevankesteren.nl/

Received on Monday, 6 May 2013 22:59:34 UTC