[whatwg] AppCache + CORS issue.

Cross-origin resources listed in the CACHE section aren't retrieved with the
'Origin' header and the responses may not contain the
'Access-Control-Allow-Origin'
header. This makes it impossible to utilized CORS for appcache resources.

http://code.google.com/p/chromium/issues/detail?id=86324

We may need a way to express in the manifest file that the x-origin
resource is to be retrieved and cached with the CORS related headers.
Maybe a new manifest file section a lot like the CACHE section but a
little different... something like...

CACHE-CORS:http://cross-origin/resource

When fetching, the 'Origin' header would be included and the responses
'Access-Control-Allow-Origin' header would be cached. When accessed by
pages associated with the appcache, the access-control-allow-origin
header would be provided.

Received on Friday, 1 July 2011 13:38:46 UTC