CORS-safelisted request headers should be restricted according to RFC 7231 from John Wilander on 2016-09-07 (public-webappsec@w3.org from September 2016)

From: John Wilander <wilander@apple.com>
Date: Tue, 06 Sep 2016 17:08:55 -0700
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-id: <785CDC6D-D9DA-4006-9D3E-7EE3D1B645E9@apple.com>

Hi WebAppSec!

I filed the Fetch issue we discussed.
Issue: https://github.com/whatwg/fetch/issues/382 <https://github.com/whatwg/fetch/issues/382> CORS-safelisted request headers should be restricted according to RFC 7231
Our meeting notes: https://www.w3.org/2011/webappsec/minutes/2016-05-17-webappsec-minutes.html#item08
 <https://github.com/whatwg/fetch/issues/382>
   Regards, John

Received on Wednesday, 7 September 2016 00:09:25 UTC