- From: André N. Klingsheim <andre.klingsheim@owasp.org>
- Date: Sun, 11 Oct 2015 14:25:37 +0200
- To: public-webappsec@w3.org
On 11.10.2015 09:42, Anne van Kesteren wrote: > I would recommend filing a bug against Chromium. We want the > update-headers behavior for CORS too. Would make sense to keep that > consistent. I found a bug for the same behaviour with X-Frame-Options, I'll try to revive that with a comment, hopefully they'll have a look at how they handle all the security headers. https://code.google.com/p/chromium/issues/detail?id=354080 -- André N. Klingsheim
Received on Sunday, 11 October 2015 12:26:17 UTC