Re: preflighted CORS requests and redirects: principally impossible?

> My use-use was rather niche: a delay proxy for links on arbitrary domains.

This sounds a whole lot like traffic shaping, which would be a brilliant
argument against this.

On Fri, Jan 22, 2016 at 5:01 PM Utkarsh Upadhyay <musically.ut@gmail.com>
wrote:

> I don't know whether my request a year ago was counted as +1, but here is
> it. :)
>
> My use-use was rather niche: a delay proxy for links on arbitrary domains.
>
> ~
> ut
>
> On Fri, Jan 22, 2016 at 4:54 PM, Nico Schlömer <nico.schloemer@gmail.com>
> wrote:
>
>> Thanks for the speedy reply!
>>
>> > And to be fair, we've not even had a handful of requests for it thus
>> far.
>>
>> Count this as a +1. :)
>>
>> (We'll now have to make a decision for our API to be RESTful or to be
>> accessible for clients that implement the fetch specification. :/)
>>
>> Cheers,
>> Nico
>>
>> On Fri, Jan 22, 2016 at 4:40 PM Anne van Kesteren <annevk@annevk.nl>
>> wrote:
>>
>>> On Fri, Jan 22, 2016 at 4:34 PM, Nico Schlömer <nico.schloemer@gmail.com>
>>> wrote:
>>> > This seems to mean that one cannot do redirects for authenticated
>>> resources
>>> > -- even if the redirect is on the same domain (localhost). Can this
>>> really
>>> > be true or am I missing something?
>>>
>>> 1. This is true. Nobody wanted to implement the preflight scheme for
>>> redirects. At least not as a first pass. And to be fair, we've not
>>> even had a handful of requests for it thus far.
>>> 2. You want to read https://fetch.spec.whatwg.org/ instead. It's the
>>> maintained version of the standard.
>>>
>>>
>>> --
>>> https://annevankesteren.nl/
>>>
>>
>

Received on Friday, 22 January 2016 17:41:48 UTC