W3C home > Mailing lists > Public > whatwg@whatwg.org > October 2011

[whatwg] [CORS] WebKit tainting image instead of throwing error

From: Boris Zbarsky <bzbarsky@MIT.EDU>
Date: Tue, 04 Oct 2011 14:55:28 -0400
Message-ID: <4E8B56A0.4020803@mit.edu>
On 10/4/11 2:44 PM, Anne van Kesteren wrote:
> On Tue, 04 Oct 2011 20:32:02 +0200, Ian Hickson <ian at hixie.ch> wrote:
>> The idea is that if the server explicitly rejected the CORS request, then
>> the image should not be usable at all.
>
> FWIW, from a CORS-perspective both scenarios are fine. CORS only cares
> about whether data gets shared in the end.

Displaying images involves sharing data, basically.  That's why we're 
having to jump through all these hoops....

-Boris
Received on Tuesday, 4 October 2011 11:55:28 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:37 UTC