- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Fri, 22 Jan 2016 16:40:26 +0100
- To: Nico Schlömer <nico.schloemer@gmail.com>
- Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>, André Gaul <andre@paperhive.org>
On Fri, Jan 22, 2016 at 4:34 PM, Nico Schlömer <nico.schloemer@gmail.com> wrote: > This seems to mean that one cannot do redirects for authenticated resources > -- even if the redirect is on the same domain (localhost). Can this really > be true or am I missing something? 1. This is true. Nobody wanted to implement the preflight scheme for redirects. At least not as a first pass. And to be fair, we've not even had a handful of requests for it thus far. 2. You want to read https://fetch.spec.whatwg.org/ instead. It's the maintained version of the standard. -- https://annevankesteren.nl/
Received on Friday, 22 January 2016 15:40:55 UTC