- From: Anne van Kesteren <annevk@opera.com>
- Date: Tue, 04 Oct 2011 20:44:23 +0200
On Tue, 04 Oct 2011 20:32:02 +0200, Ian Hickson <ian at hixie.ch> wrote: > The idea is that if the server explicitly rejected the CORS request, then > the image should not be usable at all. FWIW, from a CORS-perspective both scenarios are fine. CORS only cares about whether data gets shared in the end. One advantage I can see about <img crossorigin> still displaying the image is that the request does not use cookies. Not displaying the image probably makes debugging easier however. -- Anne van Kesteren http://annevankesteren.nl/
Received on Tuesday, 4 October 2011 11:44:23 UTC