- From: Michael Nordman <michaeln@google.com>
- Date: Fri, 1 Jul 2011 13:38:46 -0700
Cross-origin resources listed in the CACHE section aren't retrieved with the 'Origin' header and the responses may not contain the 'Access-Control-Allow-Origin' header. This makes it impossible to utilized CORS for appcache resources. http://code.google.com/p/chromium/issues/detail?id=86324 We may need a way to express in the manifest file that the x-origin resource is to be retrieved and cached with the CORS related headers. Maybe a new manifest file section a lot like the CACHE section but a little different... something like... CACHE-CORS:http://cross-origin/resource When fetching, the 'Origin' header would be included and the responses 'Access-Control-Allow-Origin' header would be cached. When accessed by pages associated with the appcache, the access-control-allow-origin header would be provided.
Received on Friday, 1 July 2011 13:38:46 UTC