- From: Kenneth Russell <kbr@google.com>
- Date: Thu, 19 May 2011 11:54:28 -0700
On Thu, May 19, 2011 at 12:27 AM, Henri Sivonen <hsivonen at iki.fi> wrote: > On Tue, 2011-05-17 at 14:25 -0700, Kenneth Russell wrote: >> Unfortunately, experimentation indicates that it is >> not possible to simply send CORS' Origin header with every HTTP GET >> request for images; some servers do not behave properly when this is >> done. > > How do they behave? Which servers? Why? Has evangelism been attempted? One service I tested returned a 403 when the Origin: header was specified and the request originated from certain networks. I contacted the team running the server and it sounded like this was a bug that had already been fixed but not deployed. It does indicate that other servers might mis-handle a CORS request. In general evangelism is definitely needed to encourage popular media hosting sites to support CORS. The WebGL working group is certainly going to perform some outreach since that specification is most directly impacted by these changes. -Ken
Received on Thursday, 19 May 2011 11:54:28 UTC