[fetch-metadata] cors in Sec-Fetch-Mode from shujun an on 2019-12-23 (public-webappsec@w3.org from December 2019)

From: shujun an <anshujun81@gmail.com>
Date: Mon, 23 Dec 2019 12:16:34 +0800
To: public-webappsec@w3.org
Message-ID: <CACsJ2xTmCyqNxnLRHdVWJBh5+tByZi35CzBJNnrK8Pb7T8UVig@mail.gmail.com>

Dear Sir/Madam,
The Sec-Fetch-Mode HTTP Request Header could be set to "cors", "navigate",
"nested-navigate", "no-cors", "same-origin", and "websocket". When it is
set to be "cors", is it the same with feature with an OPTIONS preflight
request and would not include cookies by default? I cannot find this direct
answer from section 2.2 in https://www.w3.org/TR/fetch-metadata/. Thanks!
Regards,
June

Received on Tuesday, 24 December 2019 15:33:38 UTC