[whatwg] ContextAgnosticXmlHttpRequest: an informal RFC

you mean in the GET request URI? :) or POST with XML payload, like the
eBay XML (non-REST) API.

But yeah, it also comes down to use cases and how badly we actually
would *need* cookie support. For any kind of heavily transactional
application that requires some sort of state persistence, we're more
likely to be hitting our own host.

Keeping in mind that state can also be persisted without even
resorting to cookies: get a token back in the xml response, snag it
via the dom, and send it back in the next GET request.


On Sun, 27 Mar 2005 10:35:53 -0600, Doron Rosenberg <doronr at gmail.com> wrote:
> I think we can easily skip sending any cookies.  Any sort of
> authentiation should be included in the XML that is sent (see google
> or amazon XML api)

Chris Holland

Received on Sunday, 27 March 2005 13:12:03 UTC