Re: [CSP] Difference in browser behaviour for 304 responses

On 11.10.2015 09:42, Anne van Kesteren wrote:
> I would recommend filing a bug against Chromium. We want the
> update-headers behavior for CORS too. Would make sense to keep that
> consistent.

I found a bug for the same behaviour with X-Frame-Options, I'll try to 
revive that with a comment, hopefully they'll have a look at how they 
handle all the security headers.

https://code.google.com/p/chromium/issues/detail?id=354080

-- 
André N. Klingsheim

Received on Sunday, 11 October 2015 12:26:17 UTC