- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Sun, 24 Jan 2016 05:38:52 -0800
- To: Nico Schlömer <nico.schloemer@gmail.com>
- Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>, André Gaul <andre@paperhive.org>
On Fri, Jan 22, 2016 at 7:54 AM, Nico Schlömer <nico.schloemer@gmail.com> wrote: > Count this as a +1. :) > > (We'll now have to make a decision for our API to be RESTful or to be > accessible for clients that implement the fetch specification. :/) I think you are right that maybe the time has come to do this. We also added Access-Control-Expose-Headers at the request of the HTTP community and as far as I can tell this is the only thing where there is still a big gap with respect to what HTTP can do and what HTTP combined with CORS can do. I suggest we continue this thread in https://github.com/whatwg/fetch/issues/204. As noted there it seems that the current specification has already removed this gap. Not entirely sure yet whether that is intentional or not, but from cursory reading it seems to work. Will likely investigate a week from now, when I'm back home, unless someone else volunteers. -- https://annevankesteren.nl/
Received on Sunday, 24 January 2016 13:39:16 UTC